bdf00f92a1a06df314a8edd867c5a45e[.]zip | Triage

Sharing

General

Target

bdf00f92a1a06df314a8edd867c5a45e.zip
Size

573KB
MD5

a3bc68767cd365e5b8f40d9be45a3778
SHA1

d38d8cf5ac765127854cec73c478451470a2b409
SHA256

bf822ec47b562c8067c24397e77e91f3ed9107237152843480f12e945ce05940
SHA512

51f39d2b2c2a8f7a2e8af171a583f67fae3e3dd1d4c1995c279b4e8ca728dd7f453faa7c5503a83623e7f0ef686269c75db31e043c347e15c9c80fdbc583dd3a
SSDEEP

12288:motEW7Vs9+cwpIBcUSm7lOwaxxLHab2nPsk3WBqAcC6bdCqJeyxrkV+Lx:m032+cwpIBc1m7fMxrafBqmWWyxy2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e59150e5c2e49772bb573492df8dd17cff30f78b23bc2574d8c19dab1551cf40

Files

bdf00f92a1a06df314a8edd867c5a45e.zip
.zip

Password: infected
e59150e5c2e49772bb573492df8dd17cff30f78b23bc2574d8c19dab1551cf40
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

Gf\I;Y
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ