6491626d56e9b8eb34691cc7d0417cd8[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6491626d56e9b8eb34691cc7d0417cd8.zip
Size

662KB
MD5

b6a22185ad7fc909c95980012311c342
SHA1

b2d409517b6f9e7b56922e29e3eae3a3fd4b44d1
SHA256

3f6b4d5c0292dc9cae26e8216fd76f0071b859f46510a19af041b70ae365369b
SHA512

229c09b9440964467eeeb3e539e7243e556b1930d3344d8e97debe5c25c6d98c667a86cd0c075093528d69e1ffa5716ddbe7f5a1b0070289540d022bd6889fc3
SSDEEP

12288:UIqI7++n/gjMW/suYPxQ5IBK38+rAfVURsHk5mqTpPnS8QQbGxUz4Xjh:UHFJgWToaI83pCVM5m8pzvGCz4Th

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/831af170391d50ed721c0ef4bb964353bab6e0897ac9fe259dca5066dab5a61b

Files

6491626d56e9b8eb34691cc7d0417cd8.zip
.zip

Password: infected
831af170391d50ed721c0ef4bb964353bab6e0897ac9fe259dca5066dab5a61b
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

uioegegwhugwehogwewgehwgewgeiwegwegw

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ