610b29ff3f306358f9ebbb6314763b97[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

610b29ff3f306358f9ebbb6314763b97.zip
Size

75KB
MD5

137c4ac36f5f0f5137741a04318ae4cf
SHA1

92a980e326b62b49540e9600e103c57727d5eb94
SHA256

5b2cd356f052d24ab56815be2c176267d5655fd13d950b58f2b0b5a86a1b28c3
SHA512

94e32a3df6ba1ecd05bf058558f589c00f2b8f737103d016f41d5e839434b48dc452b1881f71e7138dcd04a3a2fd89892694541ca8d36d8f3c2ea90760fc01f3
SSDEEP

1536:rH4pPD3F0OeVEPu3VG8CFzWyJotqRxE2han9vzG/CWSh+8UD:ID3FvmcZFzRmkx/han9rG/Uh+8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/492c3e6f7d6469282c5cc3521001f8ba8988940f5d1d47a1845a02ab6d068d7d

Files

610b29ff3f306358f9ebbb6314763b97.zip
.zip

Password: infected
492c3e6f7d6469282c5cc3521001f8ba8988940f5d1d47a1845a02ab6d068d7d
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE