0da6d51160b86de0a1e2a104d6a71407[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0da6d51160b86de0a1e2a104d6a71407.zip
Size

549KB
MD5

a8f38aa4470022ec981491408c262b54
SHA1

19c097e7265ef1ae28baf99c9bfa492f77c9fa1f
SHA256

2d8ffcdd2f059e76e1421383191731b1a8a42f10c078507eddc761bd9223fd16
SHA512

82ad408fdadc5bf2d0658f911c2754759f37e17e27c8676f2e13052b9000fe90b3137a2a343fef183b86d1a262ca02ffb355e6f851ab8231361dece9ee248219
SSDEEP

12288:5OmcebVH0g6QxPieKNF1NegCsZh8qTCQiDY7WuSv25FSKRuZ3oS7/Z:gtg6Qx7uHegChquVTO5g2S7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e134a6c799de4a4705eebb7fd139c9c1b1f0a2e8b527e732ee7a40fdc5f49ee4

Files

0da6d51160b86de0a1e2a104d6a71407.zip
.zip

Password: infected
e134a6c799de4a4705eebb7fd139c9c1b1f0a2e8b527e732ee7a40fdc5f49ee4
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 898KB - Virtual size: 898KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ