12260191861[.]zip

General

Target

12260191861.zip
Size

506KB
MD5

24f9fe5992c242de190ccad588278e4b
SHA1

8addb2b1f144753639c2c907a20cd18e1e3f0adc
SHA256

aa1f27f36c68a4aa499814e40eb442341ed93759ee51b4839799a329dd9dd5db
SHA512

934a247e2fb807895a2ddfd750b940f7051cb41d135c95a2e4556f085fca6ed701a8e3deeb0b9644f7517c3a616a89d08e4c27d7f94236ec2751f2a6ffa3be33
SSDEEP

12288:KdylFWnNJwhl7YLmQ2CedLlvaVhMDI4rmiaXCv5YS9jDmUjA7fdUO7I3d6:KdCFIxxE8hMc4rNv2QmUDO06

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RECHNUNG.EXE

12260191861.zip
.zip

Password: infected
cff8092e8f347a96cccbc285c369b17e393096b962a210c6cd7a2df47d0b2e09
.iso

Password: infected
RECHNUNG.EXE
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 570KB - Virtual size: 570KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ