b7bd843613695172e7ac6d1d0da0c50c[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7bd843613695172e7ac6d1d0da0c50c.zip
Size

190KB
MD5

ae782863873bbeba9b236058021a9ab7
SHA1

0e2a7a833e44a6422e3c080e7ca3567f75b0b618
SHA256

cd5c0741e9ae8c2e55ec2dfd139b306440ce2d1b97ccb0d8e76fb1e208f0145f
SHA512

6782e3e665ba2d0a151420e45c19d7a0d969ce3382dcbc3c03a45a28652832b2c46c791f6c9199e654f487d4d41a0a898986485a992ec3fd91d03282b46c3583
SSDEEP

3072:MIAyAb2ftFeCqyiaLsIUcDS5sCX6gr7gHkf6WNd45G/JUsnfovw33IvCJfmyk9Nq:M9ZSftFFt3NSarZEfTN4G/toI0CJfmyT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/387f8396b1c5a8bb02a814f5ec7302c40ce6a3308f4470591f2666bc4bfcb4e6

Files

b7bd843613695172e7ac6d1d0da0c50c.zip
.zip

Password: infected
387f8396b1c5a8bb02a814f5ec7302c40ce6a3308f4470591f2666bc4bfcb4e6
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ