54f6d3d1484d76973c9eb242b8f1f235636caf26034cdf5f96062b99596048f8[.]exe[.]zip

General

Target

54f6d3d1484d76973c9eb242b8f1f235636caf26034cdf5f96062b99596048f8.exe.zip
Size

3.0MB
MD5

0ee15673d5cc74b886c85229f965eb98
SHA1

9f21f36dc6faad77ddd9ab04e54fc5f65a589b0e
SHA256

b2b775b1c0852aaf7f242fff47e38fa1a03ab0f3c755a650c0539829cb564825
SHA512

cb0d465a74c7f6da42896fe3c217c0b7c9db9d518e16e0bdc51823a3803a5265ec1bfd2410d1e02c4299eccba6f372272e6ab3a442097980d925c2534ded68cc
SSDEEP

49152:agWLGHCGMy7IoZEfxa1P8QdB6PFrAa8pn2Syb2fh9c2O1fkLXvYF3ndPFVEi9RAZ:agiOv6fQt6PF6+2fW10gldNVEFhjFxse

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/54f6d3d1484d76973c9eb242b8f1f235636caf26034cdf5f96062b99596048f8.exe

54f6d3d1484d76973c9eb242b8f1f235636caf26034cdf5f96062b99596048f8.exe.zip
.zip

Password: infected
54f6d3d1484d76973c9eb242b8f1f235636caf26034cdf5f96062b99596048f8.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ