Static task: static1
Behavioral task: behavioral1
Sample: b1f7d5fa422d433e4f32c132c91e8e01f3514dc2e2869913744d5de6ea1bc50a.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b1f7d5fa422d433e4f32c132c91e8e01f3514dc2e2869913744d5de6ea1bc50a.exe
Resource: win10v2004-20240802-en
General
Target: 5ef389ad3baafcf9e1b79f18fe21af1a.zip
Size: 209KB
MD5: fb812c64062900558647d8f0b8d2e1d6
SHA1: 3f865286969ec0589c4eff261e5980031cfbd881
SHA256: 23a775d6e291fcf94d778bae8d812e2ab559d0d10301c60a9576cb5d9c6acf71
SHA512: 9bde735ed85ac7984df92bd86ea5463cf22ff578f976ecd823ee5960105a401e947890a76436e71ef6170eb760749a497dd1b58cf51324afe82b6bc4548f8286
SSDEEP: 6144:JODokLr3F6pu0jIEyr8bD1QBGm6Bj9u+sg7FhzwE:JmhLKEVorXhpwE
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b1f7d5fa422d433e4f32c132c91e8e01f3514dc2e2869913744d5de6ea1bc50a
Files
5ef389ad3baafcf9e1b79f18fe21af1a.zip.zip
Password: infected
b1f7d5fa422d433e4f32c132c91e8e01f3514dc2e2869913744d5de6ea1bc50a.exe windows:4 windows x86 arch:x86
Password: infected
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 12B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ