20828041694[.]zip | Triage

Sharing

General

Target

20828041694.zip
Size

603KB
MD5

95a2f0ad810dc34575e008ee754da3d0
SHA1

e85bb0d624ea8fa1752a29f12dbe03e3673b33fd
SHA256

d18e337f970838ef8c730540a54f08657d880b101f3ab74195aed2f58dc1de8a
SHA512

796e55019c260a8266b64b8996febbbb55815ac46a9bc6ffd28cceeef6dca5716ae4dc02619731c25456ef741c26aa7aa28c74f6e58600925741e8dee6e8feac
SSDEEP

12288:3E3v3JVQAvJOrYOQaY/suMiPCa46fGfETfR9XlGxtl2vIl4jdXuL:3g3r1zaYpMANGwGl2Al4VI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/58879edd3284514b87354482a1822e21b78274c597b2fa384198cad00c1e8f91

Files

20828041694.zip
.zip

Password: infected
58879edd3284514b87354482a1822e21b78274c597b2fa384198cad00c1e8f91
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 758KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ