29d78ddaf4366b1ef0cd9b7f8e85aeabce276312c11ca1ca95ed5d77b643cbde[.]zip

General

Target

29d78ddaf4366b1ef0cd9b7f8e85aeabce276312c11ca1ca95ed5d77b643cbde.zip
Size

2.7MB
MD5

fa27fc6b801ada70d3030108fe192739
SHA1

689ac22fe034bc35fbe6fc34edbd6fc4a0d7d3da
SHA256

13797d5b1cf7d8a0304a2b4e0974b27778cdc9617be9a949d9d72f4a94d30154
SHA512

af410f6a668e57c603d09f622cc1687b78033a2caec8b17c50559351d5220be5ed793cbf4b49fc91de94aa804226318e48cbf5b7ee452750a99ca6fbd83dcbbd
SSDEEP

49152:u08pbAKYBu1y4nHLCtN5fqt5YlBbycWfXludjOZ7dygw4dKo8nFfJW50si7W:udprgu1yWLCxqIlBbycWfXludE7dU4dl

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/29d78ddaf4366b1ef0cd9b7f8e85aeabce276312c11ca1ca95ed5d77b643cbde.exe

29d78ddaf4366b1ef0cd9b7f8e85aeabce276312c11ca1ca95ed5d77b643cbde.zip
.zip

Password: infected
29d78ddaf4366b1ef0cd9b7f8e85aeabce276312c11ca1ca95ed5d77b643cbde.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ