4794789de784ee0741a3ef029f7657ea237816900902705cd045df7839ed0f45[.]exe[.]zip

General

Target

4794789de784ee0741a3ef029f7657ea237816900902705cd045df7839ed0f45.exe.zip
Size

754KB
MD5

3264ddea0a707dea6ca8becffe10fac3
SHA1

e4d8093cc581cee72185e81352ef47fc83e407aa
SHA256

dad15c432b3c501ea259e4af8d394f3366a96b93ad27207abedd14e3cdc08816
SHA512

a876d07319ca28b213b7f33a71f96d7dda3fd2065e64bb27b95a218804876a25cccf7b8acdf43467cddb24d1c067b11da27b79593c6b1820f7d851194b6f99b4
SSDEEP

12288:3CwQ0A+h97lsaBi0PvYOj4MIt1iDL724FU3LrEnnJPGKSqIiTHYA4GkBLk7RtS:G+hrsaBiUYMB37daGnJuvjiLYA0BwRtS

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4794789de784ee0741a3ef029f7657ea237816900902705cd045df7839ed0f45.exe

4794789de784ee0741a3ef029f7657ea237816900902705cd045df7839ed0f45.exe.zip
.zip

Password: infected
4794789de784ee0741a3ef029f7657ea237816900902705cd045df7839ed0f45.exe
.exe windows:6 windows x86

e1beb25e9ba6465f9abcbd6c2d69dff7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wsprintfW

qt5widgets

??1QMenu@@UAE@XZ

qt5gui

??1QPen@@QAE@XZ

qt5network

??1QHostInfo@@QAE@XZ

qt5core

??1QUrl@@QAE@XZ

rpcrt4

UuidCreate

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

sensapi

IsNetworkAlive

ntdll

NtClose

ws2_32

WSAGetLastError

version

VerQueryValueW

winhttp

WinHttpOpen

advapi32

RegEnumKeyW

shell32

CommandLineToArgvW

Sections

.MPRESS1
Size: 717KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE