a2924fef266f8bd1bf26c3ea312d5e7411b358cfded21878875eb60e824c4bd2[.]zip

General

Target

a2924fef266f8bd1bf26c3ea312d5e7411b358cfded21878875eb60e824c4bd2.zip
Size

100KB
MD5

37c62fa616a509a35232bab0e5329f45
SHA1

43ac01ba11ac82f9dd52a5b326f2cb2652cdc560
SHA256

94f3c4e8f7b6a4030a99fb5d5ef58063664e0431ef20b6c6926d1d9f42527fe1
SHA512

6193f1424629d49f44e2be4aad9f742e9f38c6870561da2fab30d2821a6bbc3a8ace09d808b3084550b44b94fd08e1eeee0a6944fefb4d426a401e1468e1c30a
SSDEEP

1536:VYEvjaK/h1CbjP2NwK2kvCcQhk25jzBALubDXH7Oj5x7iKDbo+8qJIqu6ikCy8oN:hQf6LvCKEH4XDboviPuTkCy8og/uszpE

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a2924fef266f8bd1bf26c3ea312d5e7411b358cfded21878875eb60e824c4bd2

a2924fef266f8bd1bf26c3ea312d5e7411b358cfded21878875eb60e824c4bd2.zip
.zip

Password: threatbook
a2924fef266f8bd1bf26c3ea312d5e7411b358cfded21878875eb60e824c4bd2
.exe windows:4 windows x86

Password: threatbook

63e53666d9f30578911492c83ee522e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscmp
malloc
_initterm
free

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
LocalAlloc
LocalFree
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
LoadLibraryExA
GetProcAddress
FreeLibrary

rpcrt4

RpcMgmtInqServerPrincNameW
RpcBindingSetOption
RpcEpResolveBinding
RpcBindingSetAuthInfoW
RpcBindingFree
RpcStringBindingComposeW
NdrClientCall2
RpcSsDestroyClientContext
RpcStringFreeW
RpcBindingFromStringBindingW
RpcRaiseException

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ