ac64d06dec6a60f288d6449ba24dd600415a67407b9ee5fab83de1ccbfb5056a[.]exe[.]zip

General

Target

ac64d06dec6a60f288d6449ba24dd600415a67407b9ee5fab83de1ccbfb5056a.exe.zip
Size

3.0MB
MD5

6e30034a6dfe9c351c40515cf6545c01
SHA1

28ae791d301d3cb655eadeeb564270ef5246dcd0
SHA256

c307081f81ec804982fc11d3a9b9532dbb3b6f6e055eb8259ba81ec71ab9218a
SHA512

08a7ddda282b0af7794838162f17bf30601f8b414e23044869c6ae9e606ecefad9b8be1edd7d820cc2c608b8c3d413c6b4527606ec8033351585b16dbd08b15a
SSDEEP

49152:WyWENUQ+XNLMXW4bXCoYPf+ES8KY2BY63V/qkAkVIw5/ysSIQV/s92hk7N5f:zliQ+9SW4bXQPrghiGVjAkVIM5A85f

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ac64d06dec6a60f288d6449ba24dd600415a67407b9ee5fab83de1ccbfb5056a.exe

ac64d06dec6a60f288d6449ba24dd600415a67407b9ee5fab83de1ccbfb5056a.exe.zip
.zip

Password: infected
ac64d06dec6a60f288d6449ba24dd600415a67407b9ee5fab83de1ccbfb5056a.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ