241009-g5amvs1c7v_pw_infected[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

241009-g5amvs1c7v_pw_infected.zip
Size

12KB
MD5

68a08c4e6573c1953c72cd5b129d3be8
SHA1

6f3325e440f66ade567acc6d6b9e5f94275cdb54
SHA256

d2b0eed9eb77c78a6385dab9dbd57e993ffe52916666490c6b038908483d440a
SHA512

31fca2696663e411dc379d22a69ecdee7eaef7ff00b2718fe0696fc4785c13519bea1c61a9e4215bf984d702237fe1a62c62eeedd1e90364225a4a764107a1f2
SSDEEP

192:18PWD6sYuBB3zVKS1Ww0y7EOM8kCrXVWrgLLEp8Hlbe6ucxVoCdFDojO8tKRxO9k:1D6sYmzAG0UEOM8VsrmEp8E6usz8EEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c80df944d146d2e7b42b0dc4a2a79ddb41e3440216bc6cf795389b41d00842c9

Files

241009-g5amvs1c7v_pw_infected.zip
.zip

Password: infected
c80df944d146d2e7b42b0dc4a2a79ddb41e3440216bc6cf795389b41d00842c9
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ