ad0c0b6b81da28344e8444989150b63dc8b21fc88bd0b56fb5b3f7ff233ea810[.]zip

General

Target

ad0c0b6b81da28344e8444989150b63dc8b21fc88bd0b56fb5b3f7ff233ea810.zip
Size

223KB
MD5

491d100cecac04a304d522a6abd85cbe
SHA1

c8f48ccb89a1801580ec1a4ae059086980f236b8
SHA256

1833ac805b5f1922dd4504b920b53c2cb3d10f6e06912cce19a2603f6e96ff4f
SHA512

797eb09cd6bcdb5b4e95fb96d55dedb29c8e4d806fa916668de9d28117ad45969edd824a4b70a511835490591f28f50cff402de0169ca05bdd449b3251999885
SSDEEP

6144:Wx4MpZESISadfMgL+1BSNlwNRFyObXNwK:WtpZESISK0gK1B4SNR1bR

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ad0c0b6b81da28344e8444989150b63dc8b21fc88bd0b56fb5b3f7ff233ea810.bin

ad0c0b6b81da28344e8444989150b63dc8b21fc88bd0b56fb5b3f7ff233ea810.zip
.zip .ps1

Password: infected
ad0c0b6b81da28344e8444989150b63dc8b21fc88bd0b56fb5b3f7ff233ea810.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 304KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ