f9e34c14-369c-11e8-bfe9-80e65024849a[.]file[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9e34c14-369c-11e8-bfe9-80e65024849a.file.zip
Size

173KB
MD5

7945e7abaf3f1157ca5fb59e65e22a5f
SHA1

11c6833ecb4cef74a5a5026908c3316e8b17461a
SHA256

b14c10dae91928236bf08d0d502dd238b2acbb95ca3390f69f8fa1f4c8276dfa
SHA512

5aacf477952e95f69178834f78b96ed979b30a6b90317ef7cc99f5045908f59c30a2ba168d2dbd9f0bce7799d0d237ac71a032e914d4b6c587ae81ae029fb6fe
SSDEEP

3072:rhRVqrXe+5do07tu0pTPrmguDmn0oNxtUUw0TG98ZX0Wxe2m/MYXi5GSbBNtzXY3:fkrXe+5iaDpTag2YLNxWMZ/7KiI8XY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f9e34c14-369c-11e8-bfe9-80e65024849a.file

Files

f9e34c14-369c-11e8-bfe9-80e65024849a.file.zip
.zip

Password: infected
f9e34c14-369c-11e8-bfe9-80e65024849a.file
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ