f9485e2d7841f9047a68cfe663ab449901e5b08b4a3496554732fd2e0b9180f9[.]exe[.]zip

General

Target

f9485e2d7841f9047a68cfe663ab449901e5b08b4a3496554732fd2e0b9180f9.exe.zip
Size

761KB
MD5

77a1f1cd8fa6f101630ca9117754f30d
SHA1

37e1543fd0e3209134eca8eb018081ce41b7b936
SHA256

efd6499ad4c8f2637beb0d5f6e136db02cccee866647b1f8e61d319a8bd5953c
SHA512

c2b0ce3064ff6eb3228964a2a05760c3ff3e0bae1a2aa45972726ce150b83c7a302fef39764e6b72a76b6d6bb1ec4adb27361fb0960cfffa6c97cda8e8506c96
SSDEEP

12288:X7pThdewShHTAWYixz4VoPWCCNPIYse4+yyrEJimxCpgNQcDbIXsiNoV:X7pldewOHTAWYqjPWrJWzCpyZDFiI

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f9485e2d7841f9047a68cfe663ab449901e5b08b4a3496554732fd2e0b9180f9.exe

f9485e2d7841f9047a68cfe663ab449901e5b08b4a3496554732fd2e0b9180f9.exe.zip
.zip

Password: infected
f9485e2d7841f9047a68cfe663ab449901e5b08b4a3496554732fd2e0b9180f9.exe
.exe windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ