MDE_File_Sample_dc4d334d6c6969514c14f4b232e08ba31583ce35[.]zip

General

Target

MDE_File_Sample_dc4d334d6c6969514c14f4b232e08ba31583ce35.zip
Size

2.2MB
MD5

feb8b253a65014970d3e2f42ad4c4889
SHA1

82d151dfe0d1f8e47740a3c0f2ed47dd38c726c3
SHA256

e9c914d974bd3bf53477fbc789b0ec9fdd2178fc7f76f3816142ea1b32cd14bc
SHA512

29b4aacb3850153aeb2f0153bc9c1a71022c400348d2163385d352a55c311e0562e7a3122219fb3a2621ccfc4d4b791ce8537235a0007fb4f0f5bfba1a2fe79e
SSDEEP

49152:fQMevo8cr9tBKvt047Bs8DFCcv2VLGjYhwXW8bMPoAleXz4rD4RH:YMevIMa4ihTGz5TAey45

Score

N/A

MDE_File_Sample_dc4d334d6c6969514c14f4b232e08ba31583ce35.zip
.zip

Password: infected
HoAlTUYCD.exe
.exe windows x86

Password: infected

407e3b5378b3b0b56c578f72b3227fa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

ReleaseDC

gdi32

CreateDCA

Sections

.MPRESS1
Size: 2.2MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE