0c4890604862fe9bf875c1e8bdb13895[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c4890604862fe9bf875c1e8bdb13895.zip
Size

7.3MB
MD5

abf17e860e4286f7c4449a4641d4614c
SHA1

904816895df88277da327ed0d390b4b141ef7bb5
SHA256

541cf56ae3c945fc2b5c24e473dcbdbadb4dc97c372fb10205d00616661e9a87
SHA512

e386b9d3d2f8a2a36f4929cbdcec559f53a086b6413c5dc89f6874189a5ddddd9209167234a87268af2f55416ab23f50872b3b3d9875bef5bb4a4412bc9f7801
SSDEEP

196608:wZtYpFOCAHzbaIGSkcRr6K6J2CcLAsc6HiGrV+A6+5zX:wQpA9zba1SkcRrRnvCw+aR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/70b9d5708d49ff27103be55f060368a4f450481122361acdc6af23e3d4b3903a

Files

0c4890604862fe9bf875c1e8bdb13895.zip
.zip

Password: infected
70b9d5708d49ff27103be55f060368a4f450481122361acdc6af23e3d4b3903a
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ