0b3d473fd42556c074a176a5dba54ff1b79061ff06ba1dd8e213d2050c92c06e[.]exe[.]zip

General

Target

0b3d473fd42556c074a176a5dba54ff1b79061ff06ba1dd8e213d2050c92c06e.exe.zip
Size

3.0MB
MD5

d809d0f0eea3bab6f184f77a82325a95
SHA1

532f6c011c0add01376b1d62d0d37169d4aebf6a
SHA256

1dd5aa9a026a41d7ecbb1ad5e24cd0299fe1d7d7e4cde0b6dc4fe20dff82f0e2
SHA512

7ef09378ac1b564ae4b1396e5121e86d66f8cc1a33abc42acde6b6cc32467755a64c9b5be57e7775eee4c04f0d131865ed676ef86db443b43c5732f5551e1c38
SSDEEP

49152:IJB25gLBxNJZ8SP80ByGAH9q1opbQY7Ed9owluRmXWrnB2+LWwCZlTuex:IJBbVxtJP80BSeojEd9TlfWrBVaHZlCS

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0b3d473fd42556c074a176a5dba54ff1b79061ff06ba1dd8e213d2050c92c06e.exe

0b3d473fd42556c074a176a5dba54ff1b79061ff06ba1dd8e213d2050c92c06e.exe.zip
.zip

Password: infected
0b3d473fd42556c074a176a5dba54ff1b79061ff06ba1dd8e213d2050c92c06e.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ