538e8c275857a4c742bf7e883c0afe11[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

538e8c275857a4c742bf7e883c0afe11.zip
Size

4KB
MD5

ff6cf7a642228ee58eec65092f96c29a
SHA1

e402de83c94400f7667393912da1cb57f3a350e8
SHA256

337f8ba39aa7490fff43ba3bcb5c56c24f3b6a76c93c0a65139a374053ca4c4b
SHA512

aab965ec3afe0d2564a8a078a885f3b31c7a7fe5295456ff4a536107acc34984c357f7170c253b09a0e5bb3a93f7bc6631c9a43b3de2f5c8000c9d646599c32e
SSDEEP

96:EJPCTB6kosuJGeDAwKdoV+rjaIq5oNJOYxqnR8NMun1yU5:E5CTBl8TiGEq5SOYW8Nzn1L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/073d4c2c64e9c9c4b0f423da9b333082df0c12421dd196bf8b56cf0c42b70d4e

Files

538e8c275857a4c742bf7e883c0afe11.zip
.zip

Password: infected
073d4c2c64e9c9c4b0f423da9b333082df0c12421dd196bf8b56cf0c42b70d4e
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Alex\Documents\Visual Studio 2010\Projects\WindowsFormsApplication1\startminer\obj\x86\Debug\WindowsTime.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ