ffc4c81e72b82a12541e6db4549c72ed[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffc4c81e72b82a12541e6db4549c72ed.zip
Size

71KB
MD5

953d5770938843812b3893dcad5e25cd
SHA1

ef5ee7e463e9f2103f105fbb57d7e1960a6483bf
SHA256

33e4345c26fbf1c6abc0903488601eb8e62a89fbbeb8662fb6888e8dbc00bb2d
SHA512

f79af1107c8db693307d1d3a02c98541b215ef69d8f05ac5005bf8e7d711ca9c713c13ed8e14301984e488c983052c6affc18b3b6906749e770be6a94d9173f4
SSDEEP

1536:g3MJLKaMwOW/dZ7yFM0f4B/FIZgC/RAkwL0i7FRsZwFp13RzyjnZTfx2Agnj:g3MJLjMwOaDyFMT/+ZgppwoFFX8jnZtc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7eee1a1bfa5a6d511ef1e9e6a5dbe9bd4a9d3a5862eb10143a46da2e941c3397

Files

ffc4c81e72b82a12541e6db4549c72ed.zip
.zip

Password: infected
7eee1a1bfa5a6d511ef1e9e6a5dbe9bd4a9d3a5862eb10143a46da2e941c3397
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfcd
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.l1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE