396c7782c5628a7751fb165acaccd752[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

396c7782c5628a7751fb165acaccd752.zip
Size

14.6MB
MD5

a007f84cf69b02f05f56d4e9b130a5f0
SHA1

14c4bcbb19ab821bb1ea9cd6c022c9ad7ac05a75
SHA256

dc7b629ae4b34ea5b4d9ea8fd046e202cefab843a9383298ca8da4da059509a0
SHA512

a0326c23a56815a14994bf3ee6409e8baac42d0f2bb3ec2c610432a2b6e6dbe11ca0a4a40067115535b5f96782f5a2e837cc230c2b7bfabb771133f7c1949705
SSDEEP

393216:dlgyD/Ppu4mgeTnsTHX7Vq70JVrYzD/ort:lD/P04mgeTns9O0JVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0c9cffc570170a462b4c3a0cad6bcf22e306ce14c00e432ae59b14d78f6729a0

Files

396c7782c5628a7751fb165acaccd752.zip
.zip

Password: infected
0c9cffc570170a462b4c3a0cad6bcf22e306ce14c00e432ae59b14d78f6729a0
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ