191f37184e518b89ae6f0a1a5891cbb85beabd38e5888064f0e1fde295e48b7e[.]zip

General

Target

191f37184e518b89ae6f0a1a5891cbb85beabd38e5888064f0e1fde295e48b7e.zip
Size

346KB
MD5

5632dba64382fe2aaf231aa5719d2d4c
SHA1

d83c9d4ae7a71cf51b31fe1c1c1ac7af9d3bf335
SHA256

01e7cec6d8c6c3df3abbcbc845606b6033ecd5d1c2db32f2cb8da56ca80f1d38
SHA512

8268c0b36fff8dd519b837fb438a355ffc57c166bc74533e61938028b5af1ca045151499166b8d2cc216b95fc0ee8d7da90ad98f2a99a23250066a967b32cb9a
SSDEEP

6144:C9dUEFSP25OfgXz7vqb79g4vMKkJuNv4m1J0i2LfnAIXWoxqee92SC:C9dUeUkOfgXPJ403Sv4Pi2nRw92SC

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Invoice # 78600/Invoice # 78600667766.exe

191f37184e518b89ae6f0a1a5891cbb85beabd38e5888064f0e1fde295e48b7e.zip
.zip

Password: infected
191f37184e518b89ae6f0a1a5891cbb85beabd38e5888064f0e1fde295e48b7e.7z
.rar
Invoice # 78600/Invoice # 78600667766.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 511KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ