2639445988d9173a2f4e1f95d3ab6062[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2639445988d9173a2f4e1f95d3ab6062.zip
Size

457KB
MD5

975e0dbe4b5792087105871369116b94
SHA1

52f3ad1746e0214e181e81ab4c4e4b3b76bda498
SHA256

2c12e7822631bc3c6d0c37157f6f58da33c30a500ceb9b69b71705cf8139f227
SHA512

ef176916ee36b0f386421df1bd54abc7165501bd195152bccf682b881534df1d7c42f48ee1a6add42f373ca5049632b0ba04ecc698d1e6aa8e74e358c19fdc57
SSDEEP

6144:0zdhp2CWnK1km0Y9TG+I92uOLHoyteKaj9ZOv2TDQupBl6IPClY+Dw1SiqXcPaXS:KWnEk2G+1Q1j9ZOvu0ub9Ki2Qagvumnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f95c8ace1331a172303a2f2cea8edc805203156e499012df465a158246495cce

Files

2639445988d9173a2f4e1f95d3ab6062.zip
.zip

Password: infected
f95c8ace1331a172303a2f2cea8edc805203156e499012df465a158246495cce
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 602KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ