70555d92aa4830a8d499f476cc44aff0[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70555d92aa4830a8d499f476cc44aff0.zip
Size

14.6MB
MD5

e2a9e06eedd877f15c620f889c393621
SHA1

6b563c7c89792b0c7bbc6dafb2e4362ecee386b0
SHA256

c6fd5c71a272e7b6c2410a12e5817295a8a5e1da41eeb53e1af3f79b95e27bcf
SHA512

fafb192eff752704c0dac3d82097bcfb2990d90c4ea8a2b90b6dec132cfa9987a4c57762c9d493da58f4aae768ca6ae6a7552d6ff6b0e41c2a1ccae93858a793
SSDEEP

393216:6IW5WzvFujDzwFWuCAjF2Tc5ov4lYszUD51Da27t:6krYwC1NvMPYVJaY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/04a44f0fd419937a551b251a9c3970760dd658f127912b819cebf9250ac0f951

Files

70555d92aa4830a8d499f476cc44aff0.zip
.zip

Password: infected
04a44f0fd419937a551b251a9c3970760dd658f127912b819cebf9250ac0f951
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ