609462rPSJ77ieEy[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

609462rPSJ77ieEy.zip
Size

23.8MB
MD5

6b8a0d568c69b7ef81f90994c79d8d14
SHA1

81685ebfb63bd795affbfb336187802274ce33b4
SHA256

ecd8cb9a412c2bcfd997583323f398d9b87052b6650877d79e28abff96ea17e8
SHA512

dd5e55a5c33447df084442738a90d92bf8c02072dfed7d17010c34c7ae108ee7790b653c9776e998dd6898bd01a4ea49a183a4e104ec36d49e9322def7e199e0
SSDEEP

393216:40yfmmm5dc0Bjp9GyNWT7kx1TrkU/g0DriBa9ufWQVVXmg14JICYv3v:MQ249GyI0D8AiMwfWohQIv3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/609462_rPSJ77ieEy.exe

Files

609462rPSJ77ieEy.zip
.zip
609462_rPSJ77ieEy.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.5mgd1
Size: 15.1MB - Virtual size: 15.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.u1e6k4
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qa89u8
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
609462_rPSJ77ieEy.ini