2c1fffdf02fe8dd60bf43d0027b2df56b1cf059bb3adcdbbc3b973dd2e4b33db

Sharing

Copy URL

Twitter E-mail

General

Target

2c1fffdf02fe8dd60bf43d0027b2df56b1cf059bb3adcdbbc3b973dd2e4b33db
Size

1.2MB
MD5

2155c87b9d7aa1952a1822e8104218ca
SHA1

1fa8d94d347398c2f2bc204c55f29bb14bfbe417
SHA256

2c1fffdf02fe8dd60bf43d0027b2df56b1cf059bb3adcdbbc3b973dd2e4b33db
SHA512

5c28f175064f800f666db9bccdbfd8920e9ea61833c4c9ea9a91b5ba76325b220af9fcbef11314b796146661829c726305e3dd47aa063a8cda8bfbf7e7b9f6f4
SSDEEP

24576:gbLaiHlqdUQAv1VewGbvDHJDDcZreXhb4zLlQ1j+I1vukJigs:Y+iCAv1fuDHtDrJ4zhQsIZzns

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack003/Nov Vessel Updated Notice - HMM RAON V.002W.scr
unpack003/REVISED ISF Simple Data Template - .TAIPEI PORT.scr

Files

2c1fffdf02fe8dd60bf43d0027b2df56b1cf059bb3adcdbbc3b973dd2e4b33db
.zip

Password: infected
e4a923dfc35d73fc8fde8b4e0a0247935ce64505f4b23e605a6f0ebc842a7833.zip
.zip

Password: infected
e4a923dfc35d73fc8fde8b4e0a0247935ce64505f4b23e605a6f0ebc842a7833
.zip
Nov Vessel Updated Notice - HMM RAON V.002W.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 542KB - Virtual size: 541KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
REVISED ISF Simple Data Template - .TAIPEI PORT.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 936KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 542KB - Virtual size: 541KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 936KB - Virtual size: 936KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 542KB - Virtual size: 541KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 936KB - Virtual size: 936KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B