699d2399b4a21350028d1491eb0560c8[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

699d2399b4a21350028d1491eb0560c8.zip
Size

3.0MB
MD5

cb6e0586fbee82107390358bd339e1f7
SHA1

246b35595adc3eb772d6acd2738cb41794296d34
SHA256

cdbb88b99e478674b77d872d233d11175c4cdae15febca3bc92dbee8c3eb1fcf
SHA512

9901afcf5a87c616c9e1526f9c8113c0f31c8055858e3f18668509c371bdb172695986e9ceb96464a78ac494423315b83e5b7177f8d8b93dab70bf5aa743e441
SSDEEP

49152:a1ypu1BQuisjG5E1O8DCHhk3jZKlkuanGlt3eNbFm99f/Q94u/OntLfsD:BpgTh1OuCHwjIlkuaCt3W87Q94u/0AD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dab736a1c533668dfdc04953965170274e59b1dc76b3e14c3517aa9d227c8334

Files

699d2399b4a21350028d1491eb0560c8.zip
.zip

Password: infected
dab736a1c533668dfdc04953965170274e59b1dc76b3e14c3517aa9d227c8334
.exe windows:1 windows x86 arch:x86

Password: infected

500ff1538958cc73738bf0c262a1773f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA

user32

MessageBoxA

Sections

.dafixer
Size: 541KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 560KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dafixer
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE