003b1ad87090731c93aee6df065fa0c3[.]zip | Triage

Sharing

General

Target

003b1ad87090731c93aee6df065fa0c3.zip
Size

1.5MB
MD5

dac4c23c47d7a073c00b3fbdfb30e465
SHA1

654af8e9c81f61dd4b55f1b7dee6974e5901a97e
SHA256

43d848d372fc9c3ee98dbdfd667b935dac5d20f61b7e3a1b73763efca93ea0dc
SHA512

335bb1c298a9e041c7eb9a4f3747e1fc76ebb58de01ae6689a5f335a10ff4080bea84fd351d66d742da28b46229b22aea5c77ad8ce17eda23de17ae5b4267767
SSDEEP

49152:GYAXpHRz7chsW2A3hhDnd7YnPO/cwnN1I:GY+tzWFDnd0nKpI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5fa9a5f07976fa1e2364a7a0e0c268bbfc3c45f1ed76471b2c7b6bc2dd30dfb9

Files

003b1ad87090731c93aee6df065fa0c3.zip
.zip

Password: infected
5fa9a5f07976fa1e2364a7a0e0c268bbfc3c45f1ed76471b2c7b6bc2dd30dfb9
.exe windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 484KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

petite
Size: 676B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ