372ee585c99322e907a602ecddb6ea6faeda95bb9cb1b8e8ed19e4c5ccdf4489[.]exe[.]zip

General

Target

372ee585c99322e907a602ecddb6ea6faeda95bb9cb1b8e8ed19e4c5ccdf4489.exe.zip
Size

4.3MB
MD5

ba77a738da3efe895709c7cd2d87c3b0
SHA1

644a4c07f7fe959f2eac1fdb3ad9f8a5072b7475
SHA256

f64f1edacb9f632a4ac8b80d11ef33e45827b950b959451b27544c926f5ae938
SHA512

de1aad69c630d7797bd6f39c8250baded737b8ab1bed2d88cfd6f7f2f81eedd51d0b2e4f446a7cc8a97d1e2c9506a37756929cffe74022b837abb1ff6c67b21d
SSDEEP

98304:Za1oEkx1b/Kb6mxJ7DElAgOtFAi1lvQOjLu0+1Y9cnLSS85bB:o1kaX8qXNlvxHuhFo59

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/372ee585c99322e907a602ecddb6ea6faeda95bb9cb1b8e8ed19e4c5ccdf4489.exe

372ee585c99322e907a602ecddb6ea6faeda95bb9cb1b8e8ed19e4c5ccdf4489.exe.zip
.zip

Password: infected
372ee585c99322e907a602ecddb6ea6faeda95bb9cb1b8e8ed19e4c5ccdf4489.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ