30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa[.]exe[.]zip

General

Target

30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe.zip
Size

3.0MB
MD5

239811a41cca0c83d17f04ee1449a06b
SHA1

896a32f4fe275506758d79d658665cd2ba56248c
SHA256

9bfe1f250036c8b8a26b62da30516674b16b26c2ebad9ac3906e3821affea723
SHA512

a0a87acb9cd3d74d8c688dbee844b385bf1e16a2ecec7baaaf4cbf0841d8a6706832b7c309461a423a4e0e2f28891864915d19b02f674040a47edb3e459046e4
SSDEEP

49152:3I5P9I43GIHcNQWIomAeXZzNhXwJw6RK+EV6VKh5/ngNq92kMDYFbI5+T2uvAG:3G6NbdIpxzfgZRdVc/Jdu5hG

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe

30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe.zip
.zip

Password: infected
30cdb2fdf78a92ab5a7f9ee957ff737810f4e989efeb8cf0a4fcf76b6d8ff5aa.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ