d1ad51637cf72a0fdf426e26689b4267[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d1ad51637cf72a0fdf426e26689b4267.zip
Size

234KB
MD5

74ebed9e5ded9318dbe7dafa5bb73af9
SHA1

5b5c182f6511938f55f3c01c57ca318e18979312
SHA256

1295cf545979073452e57114bd125b88695fec0c4bc4a28cda62d48121f9a935
SHA512

049be3a8076904e042a744987895d8824931d8b1055f95201b08b43605af3d1fc77c93a0f71c01b700563dffa7f5e9963897a1117c9a1dbb16c9aff0e88946b7
SSDEEP

6144:wh4K7wXTppC7oC1emNB0CmFLadH2mU8RTr55YZKkyaz:FK7wXTy7m40rudHp3TrrYZK3az

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6ec02253eb05e5caaa66f3df8af7faf456e6a864c4168c3aee58a026d7909425

Files

d1ad51637cf72a0fdf426e26689b4267.zip
.zip

Password: infected
6ec02253eb05e5caaa66f3df8af7faf456e6a864c4168c3aee58a026d7909425
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ