c63adf9e3d75851465d2303cb9689863[.]zip | Triage

Sharing

General

Target

c63adf9e3d75851465d2303cb9689863.zip
Size

40KB
MD5

697b5f7524d876fabd74ad444d18c479
SHA1

09be20190031530ded2ea7dfdec3a262f7f0ae76
SHA256

5fa81c7bd9ddf6421a56bc23a4c1df29648f4cc3fd23f3db01eb2574824de7cb
SHA512

ffc7d75dc002d1eceee628d15111840aa2c59c287852aa1e351798476881b1fc1fd76c0ce01ec12babbb8f73ea2728a3e28e7dd4f09ce483a86bba47b083974e
SSDEEP

768:Q3eRxmzSsIegrmoC8IjgISVNIFt9zb1z4IypmmdtQNZqR8R:0CxmznAcN8dVKZzbN4Iy3diZ48R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a73629af9f2ed6b832477bbf8b0e5562f155f664cefaefad1be7e1143630a290

Files

c63adf9e3d75851465d2303cb9689863.zip
.zip

Password: infected
a73629af9f2ed6b832477bbf8b0e5562f155f664cefaefad1be7e1143630a290
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE