f688c8e0e7f880cd42298e498abc6b45[.]zip | Triage

Sharing

General

Target

f688c8e0e7f880cd42298e498abc6b45.zip
Size

88KB
MD5

28c2f35c608e1685155fc882371d8093
SHA1

ca961ee8dfa831d4a620dca5cdffdbfa5e8852a9
SHA256

d631bffeccd3e0e719461288134c8036fa5f30af3b5ca553e7db6e48e2742f2b
SHA512

5fca5abc70e6fe48e96f095fae7ed2eb6d4d01f997baa4f03d8666a14669b32d9699e415d79f0b37fa18fbe9a075e96c7d5b5f1e3049bd6f2eb62521d3d37084
SSDEEP

1536:T3gzh5TpqyD1yoq8V/mt2V+ZLd30MToCjhT12mo8SA+viJd8s5SmlGJEUe3T+:T3UhSyD058V+t2sZB30WoCjhx2TnA+aS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b35cf5e8d865392d3d2fa363dacb4b4c3e6115f814eaba7809d66e2f7254d2d7

Files

f688c8e0e7f880cd42298e498abc6b45.zip
.zip

Password: infected
b35cf5e8d865392d3d2fa363dacb4b4c3e6115f814eaba7809d66e2f7254d2d7
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ