fb8656627d8b30f8f6a5673f18529a8b[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb8656627d8b30f8f6a5673f18529a8b.zip
Size

146KB
MD5

00e3fcdeb810a1640e907836d776d9e9
SHA1

5fd0d1ccf1c8185c5905c321e7384105ba63374b
SHA256

95a1c884005ae958a02ddd77d1fa7d3277f2894cb55b9b799ae98b8f35bd71ca
SHA512

4d19e71208aec10640d81ff42c7b1994341a8c9561fe118526e795a153267df6757412b19068ee70dae8d8bd831bee45817d0323892eec402ce16dad70668dd8
SSDEEP

3072:bYRFaKRIINfh+2CWlbkkKBGRWT7bx0GWvI21hGXjXAP0BUx:bYRFaSLiWygRWT7bx/eIah2kB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4e0ac4f196ab6911f61a4bb9ee6b963be52bb561d87724af4cc1480ac427245f

Files

fb8656627d8b30f8f6a5673f18529a8b.zip
.zip

Password: infected
4e0ac4f196ab6911f61a4bb9ee6b963be52bb561d87724af4cc1480ac427245f
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE