6b4d4e292b95f3c491a758e750da35a9[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b4d4e292b95f3c491a758e750da35a9.zip
Size

110KB
MD5

1516133fd024b5ac7316fcfe334e61a5
SHA1

9956fe231c09b0bbda3587a02a170659d652542e
SHA256

ba877ef8c276aa0afef0b9e7c128dfd889596531bae945a550b52622c0ff4d6b
SHA512

3f660f7b9fd99d31cfa4c23e40efe7fb43272f302a7508ae0113fd5170f1ad441c011b2381e3f2990cfe0e12c0a2a1257b0737ab1f16d526f0a9e04dc5140326
SSDEEP

3072:ybg4PTujnHJJ/Q7gjY5xvWQUNSj41Y4XYwgxdslevja:ybVPTMJygsHvisjiXBgXKH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d8275c91e826a6f0cf3996bca936f058a3fe7ec670da38ec65bc82d4e40e9765

Files

6b4d4e292b95f3c491a758e750da35a9.zip
.zip

Password: infected
d8275c91e826a6f0cf3996bca936f058a3fe7ec670da38ec65bc82d4e40e9765
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ