5c435c9da69a6a9dbe736f652c5c58e0540637266e84b1b98925ed6e29a29892[.]exe[.]zip

General

Target

5c435c9da69a6a9dbe736f652c5c58e0540637266e84b1b98925ed6e29a29892.exe.zip
Size

312KB
MD5

0ef7641fbc7a6e79c229897ff41570ba
SHA1

6d2b13d263f493237f0a32773f48d7fe39852f9d
SHA256

16113a408d873c1e50e4531141fdb8024d87558f77305cdd7532ed6aa6fd331d
SHA512

97123cbc7ed70165b48bf1ab53a10ede849cc9f55dff055befdfbff7f71d0b02e1e9e04a8712340750b74e4ea82f5fbc537453e6ed77b8b4d40fe45c31f062e2
SSDEEP

6144:2QaBQxAKQ+89O3JMq1UJc4Xr5KnbPAKwCnjLLlXlNlysdWmo:fjVD1Mc4VKbYKPnLqsdWn

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5c435c9da69a6a9dbe736f652c5c58e0540637266e84b1b98925ed6e29a29892.exe

5c435c9da69a6a9dbe736f652c5c58e0540637266e84b1b98925ed6e29a29892.exe.zip
.zip

Password: infected
5c435c9da69a6a9dbe736f652c5c58e0540637266e84b1b98925ed6e29a29892.exe
.exe windows:5 windows x64

4a7eddb739660d05e1bae99696a9c3ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

log

ole32

RevokeDragDrop

gdiplus

GdipFree

user32

GetDC

gdi32

BitBlt

comctl32

InitCommonControlsEx

Sections

.MPRESS1
Size: 262KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE