438e68edbd34665d0e96aa94f0d6a7c6[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

438e68edbd34665d0e96aa94f0d6a7c6.zip
Size

108KB
MD5

07e5888ed1b599820f8bac2244351ffa
SHA1

97b652fe2ee810913edd5f9d9827db6d11b44c0a
SHA256

b6ab80b38a6c927c8ae1bac294b0db71d543041cfa773d0db87e40be9b3aa358
SHA512

a4c90b8953cba0994cdfd9849e5520a248914ca16638cf1810a625160d0b62274a785039ed8b57a1c1f963e687e42f86f5f9a4dbeae6b1c7c12fc7cdeb26765a
SSDEEP

3072:Z74BbOkXWC6arQf+Olbpl6z2/3isdPzrIx1rejN:9eOvPa6xT/JrY1K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3ecb65f56d71180d9ffe4fa95e93bf45b9c6d73f59994ffc97463dc77949e0b2

Files

438e68edbd34665d0e96aa94f0d6a7c6.zip
.zip

Password: infected
3ecb65f56d71180d9ffe4fa95e93bf45b9c6d73f59994ffc97463dc77949e0b2
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ