13be9f5d359e32a23387fd0636e5a68fa159997208dcc78d4c3bb16b21833df9[.]exe[.]zip

General

Target

13be9f5d359e32a23387fd0636e5a68fa159997208dcc78d4c3bb16b21833df9.exe.zip
Size

1.3MB
MD5

40cce0ae03b9c424d1d30595c20cc52b
SHA1

2b33ca48e01e6f23cea00139c75b6f8bc3898814
SHA256

b8e0176497b8919a7a4f95f01abccf60da1edf90c2b43af0bdb512a303c2d980
SHA512

1a7dd9a1358dc587e1ca5fee3c5d59b463e9bdd124f582ce48b19c9e5fea0abcefe5745c0b0210d0bb132c7f5a30c76bfbcf823958d625b7b545e06e2f36ee45
SSDEEP

24576:557C9w9Rwxsvk35wYzcMy0vgJ3GzGh+AROCIYzGowXj37fh6GID8KIDnSxjl:+9iRowlMy0v0G/AROGCok77fh2DREWZ

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/13be9f5d359e32a23387fd0636e5a68fa159997208dcc78d4c3bb16b21833df9.exe

13be9f5d359e32a23387fd0636e5a68fa159997208dcc78d4c3bb16b21833df9.exe.zip
.zip

Password: infected
13be9f5d359e32a23387fd0636e5a68fa159997208dcc78d4c3bb16b21833df9.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ