b3b0890620117a0d8aaa96219d1ce97a[.]zip | Triage

Sharing

General

Target

b3b0890620117a0d8aaa96219d1ce97a.zip
Size

35KB
MD5

22e02e14212c3a6b5f221a8f33d1a5cf
SHA1

dedfcbff7b3dbfb38db17c1f1fa13419d3aec04f
SHA256

1168f47de6df8899ebb3cc0579958180ab386c12de0b030600fe4b2995a0c595
SHA512

4bca63d76b1f218037e4d3167b782b5afed2a6fd8c753876de71cf9a487256a7bfa120ba8616e069055fbd004105b8bfcdd61b1978717f21b80ae46573c9ae6e
SSDEEP

768:iwHJlMKIujOgf6JS7WKA+2oV9//1mCsyu33PXpFaYAyYwW8H3NHzI35O:bJlB+J8B9lmCsyq3RrAWW8H3BIg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dedeb89f64b194c456e75c4920bc28f227ca75852e4c1341fd05bc83f1191b0c

Files

b3b0890620117a0d8aaa96219d1ce97a.zip
.zip

Password: infected
dedeb89f64b194c456e75c4920bc28f227ca75852e4c1341fd05bc83f1191b0c
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ