ff43f5993139300bb62fa86f0b02c79e[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff43f5993139300bb62fa86f0b02c79e.zip
Size

99KB
MD5

fbd0f0019327326d51cab168e7669015
SHA1

3f11272dccefbfb4fbdb477ecfd4c04595b1f400
SHA256

509504804bb605ac5e205ddb5e4af615b48697d08bab3ee16bc0d73e77342ef3
SHA512

1f958799e048c4481c861e75b5ab0c770a3d2ed0ee77203df83f9c315409cd273b7a30aee13b1f7461e3a64d0a4e4011081f95983b13dd6fc65fff127a7fb44d
SSDEEP

3072:LB2sSK7XQhkyBYO1jakoIFcbtXwwn3s8Cf:LsXKLQnYOVaxgw3s8E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a39f9158e136087d4da56bef108ee49cf6c34daf29aa708548c511b0313ede76

Files

ff43f5993139300bb62fa86f0b02c79e.zip
.zip

Password: infected
a39f9158e136087d4da56bef108ee49cf6c34daf29aa708548c511b0313ede76
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

MEW
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE