ap-file-zerod[.]evoengine[.]exe-1542067627[.]zip

General

Target

ap-file-zerod.evoengine.exe-1542067627.zip
Size

52KB
MD5

5327980b0311e3563a5ff9f674ed107e
SHA1

083bdd934a67ea932b69bba5aaf3c1b01e711c38
SHA256

8755631a163020287a192eb85a0b8ad2bddc544f42c65f3627eb09c7bc2807a2
SHA512

8265f8fa78c7d765f812aed9eb3419787352d33a0c2d76b871c83a470cbabbc5cfee9ba48348fdd45703157df0a8953dfdb655a5eef6c1737e9a28c5ab55c331
SSDEEP

1536:F+mrKZdmp6bKSAX9h2NV/dX0Aa7N4GM1m:Fjrfp1Q7hamGB

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/zerod.evoengine.exe

ap-file-zerod.evoengine.exe-1542067627.zip
.zip

Password: cautionhandlewithcare
zerod.evoengine.exe
.exe windows x86

Password: cautionhandlewithcare

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zerod.evoengine.exe.METADATA