Zuma's Revenge[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Zuma's Revenge.exe
Size

102.4MB
MD5

7e8175ab94d4a79c5b040bc0f705014b
SHA1

d9921d9f736a1549f7b6f9893dc42fd4d715dd0c
SHA256

47b6f94798b4876618fe9448ff8c7db18a5d6704400afd20b66f1f47c6494209
SHA512

eaca8d141d970c82177c1590b93ff5d70c542a0c72e4c4ba836b302cbba1354a07f5ac533d9670f59fe584ddba93267b2cb1bad39c383be07b913df9b634da38
SSDEEP

1572864:q+HWmhXsyh0ccXt5wjfpzSx7EioA+8ggt5bdvgPBKow5Yga5AOdimErYMoIrUj:Zjhft4+pm7E5A+87Hdu1w5YJ59dxE/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Zuma's Revenge.exe

Files

Zuma's Revenge.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ