redline | 887601b95a0fd565fcba638d4325e6aea64739000fb5c59e1f803b61d6739f38[.]exe[.]zip

General

Target

887601b95a0fd565fcba638d4325e6aea64739000fb5c59e1f803b61d6739f38.exe.zip
Size

841KB
MD5

30e2107780d619d76d8948e4974a72fd
SHA1

085f56b8e5f3b3a88fcb206cf751232a0a2cccd8
SHA256

862df4c18ea95e28839b399c5736882b3c4c3be614caa6f053da9193b4862d13
SHA512

8a51c38e6627a8d68a452a279caa60f913ecb3e68d3b2e541b1c22e448af66ad8f30bb7b8758474c946c6e15f8efaf648f8dad5dffd12a28a53be6d199094d7d
SSDEEP

24576:fHaz5Li4BE8EzpMcNIYi/HtXBTBd28iN1Vi:fSm4QMwIY6TjGzVi

Score

10^/10

redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/887601b95a0fd565fcba638d4325e6aea64739000fb5c59e1f803b61d6739f38.exe

887601b95a0fd565fcba638d4325e6aea64739000fb5c59e1f803b61d6739f38.exe.zip
.zip

Password: infected
887601b95a0fd565fcba638d4325e6aea64739000fb5c59e1f803b61d6739f38.exe
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ