25092024_0531_23092024_ALJ160924[.]tgz | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25092024_0531_23092024_ALJ160924.tgz
Size

25KB
MD5

c9ae4ffc9db502a772871d122d83b05f
SHA1

affef14eb3fe489c06fefb12240d926b7cbf593b
SHA256

65c161c1d208bc5db58a236939ef703b0fece2fde46ec522441e37406634c5bf
SHA512

e4eeb77b361a4d83fd41cf01c3067c87c201cff0d99f67669c58b35ae6b66084186e8dd88247b5908bb80bd1b836da9e9b0ed6360c6984ef803e9fe65a50efa2
SSDEEP

768:wficwgK7f3Ew7r3rr8h7ZQ1xh0leHYZN4jBkC:wrw/r3P7Lrr8pe1xSle4ZN4GC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ALJ160924.scr

Files

25092024_0531_23092024_ALJ160924.tgz
.rar

Password: infected
ALJ160924.scr
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ