9cf1d7c470a920e9dc6438297eef297af1207dbc3ca404fa49257b6e5e28fdcb[.]exe[.]zip

General

Target

9cf1d7c470a920e9dc6438297eef297af1207dbc3ca404fa49257b6e5e28fdcb.exe.zip
Size

3.0MB
MD5

245c1d974f7c5f3ae4cb248bd9f6f5ce
SHA1

b80e5b521e08f293969b29e7c5b8af1d2a33cda0
SHA256

c61d4d58e893979cf06cc71a06153302225f534468004bf5fec6903aac384df7
SHA512

ce5008c9215ad2c5a7fa366f146dd8ea463d486f6c9c05312f12942bad652cb268e368e07887869dfeca1b8eb38d9e8b1cfed180de3582b4e3823a15652aeee4
SSDEEP

49152:3xvTDeVJ4rTO/QQ5vSPzUQduV8sdTETVkH8bI4S7rVOu406KSePwzWKv304jrxB:39e8TOXSlodY5BbxSNOcjj+0CB

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9cf1d7c470a920e9dc6438297eef297af1207dbc3ca404fa49257b6e5e28fdcb.exe

9cf1d7c470a920e9dc6438297eef297af1207dbc3ca404fa49257b6e5e28fdcb.exe.zip
.zip

Password: infected
9cf1d7c470a920e9dc6438297eef297af1207dbc3ca404fa49257b6e5e28fdcb.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ