615104_Rz1pnl7Ic[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

615104_Rz1pnl7Ic.zip
Size

21.6MB
MD5

b0cfd5e40fc00ad0da783a077daaa5d2
SHA1

9075109a4ad39c375fbc92d307c47c22ae998ac3
SHA256

35c4a62cb51cca7801100623ff44399fc9208a9aa8e0166627df546bd72b5111
SHA512

62cf04406021998110dec85a3284ac33002b4b5db43dd9387729893643cd8c1933d277bce5ef55b0b753b672ab4058dd456e0f5d1cb08e2e5d56014c56ea078c
SSDEEP

393216:gjna3S7giotxTt6EcnEtSezUbb+i/iOPDEXv6sJnhbRHp2qR4fYd63LbL1d:4nL7gicx4JzK3inDE/6EnFRHp83LbLL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/615104_Rz1pnl7Ic.exe

Files

615104_Rz1pnl7Ic.zip
.zip

Password: g4g42g24h
615104_Rz1pnl7Ic.exe
.exe windows:6 windows x64 arch:x64

Password: g4g42g24h

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cnapyy
Size: 14.0MB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jfjoi6
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7vo
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
615104_Rz1pnl7Ic.ini