loader[.]zip | Triage

Sharing

General

Target

loader.zip
Size

2.0MB
MD5

d5a0710422f411db980e3da726986c80
SHA1

035ba8661562add61e6af6d3306b5ed178442962
SHA256

6fb0dc970c9f32a9d3442fdd3d4838ceda9ce5d4ef26d8a21f70ea6feb05900d
SHA512

0d1d484d811a0dd50ffce81ca70be169fc63f9b16870485cfc54144142fa36f94ba25e9e969c4800afc9a08e6bb4d17ea4cb64e170f46028d523fe01909e3e7c
SSDEEP

49152:thryxq7HJ34PnIMcrCyih2YFVw6Mt80YIR0K1UjmTYtsU3UE7c:thr7HOdOAHtu8e1GUYts+b7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/newuimatrix.exe
unpack001/olduimatrix.exe

Files

loader.zip
.zip

Password: lol
newuimatrix.exe
.exe windows:6 windows x64 arch:x64

Password: lol

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

MTX0
Size: - Virtual size: 704KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MTX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
olduimatrix.exe
.exe windows:6 windows x64 arch:x64

Password: lol

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

MTX0
Size: - Virtual size: 732KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MTX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE