b9489942b924b9fdb0449c9d04d3ed00[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9489942b924b9fdb0449c9d04d3ed00.zip
Size

379KB
MD5

bef752a7576afa565e1394ab75132dba
SHA1

d1dac32fa3db8b59cef58b88f656cf87ecfcaf7e
SHA256

34f535636ba15152297192323c4d9572befa231142ce61380b72562ebbb86279
SHA512

e49904ffc41378efe95bde38ef1d3df8f41088c2ed5e806379fce1bf9a995d3b0438a05e1a35dceb133ad6e2206e322dc95ce3c5104ff32f2e59e95b12c343e2
SSDEEP

6144:QfXfSt0yzg0/2oC2A/RvUh0Ab93Sy/mWpDEStd9LySkdSWhVGFSERzOKLtG28s:MY0egk2olw8hL9iTQlPZqURzOKpG2v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9ce6cbb4bdb31988be18d66bf098910d6900f5056da7ebc89a33ea2183bdef1f

Files

b9489942b924b9fdb0449c9d04d3ed00.zip
.zip

Password: infected
9ce6cbb4bdb31988be18d66bf098910d6900f5056da7ebc89a33ea2183bdef1f
.exe windows:4 windows x86 arch:x86

Password: infected

96b3979b5690801ab1352b221c6097c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
PeekMessageW
GetCaretBlinkTime

kernel32

GetUserDefaultLangID
GlobalHandle

Sections

.text
Size: 429KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE