3970c8a14a7cf30f3a8a8bf09f3a674309279459dfbacaa7aca34b7058a78dff[.]zip

General

Target

3970c8a14a7cf30f3a8a8bf09f3a674309279459dfbacaa7aca34b7058a78dff.zip
Size

2.3MB
MD5

2b01310dd150c6209df0563b6d63fec8
SHA1

e0d43311393ca196bd51beba7529a674e3fde25b
SHA256

1770f9cc5e8a79a1603afdfd4dc7292a634470558d8ca3cca1226013de899959
SHA512

6f81b39a5921d0f386cc99c23c0f1a1c33a8f60d8f8b407d88ca9e7150fbb745140e1a4bc3c1b143a9fabf26f8e400106ac7853ef5ea3abcebb038e51157c529
SSDEEP

49152:te4pyVun1ATfPMi8RU/4Axg3gAViVvElup4PhGAVmtnSQ/e30:OSK0xAi3TsDCpVOSQ/e30

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3970c8a14a7cf30f3a8a8bf09f3a674309279459dfbacaa7aca34b7058a78dff.exe

3970c8a14a7cf30f3a8a8bf09f3a674309279459dfbacaa7aca34b7058a78dff.zip
.zip

Password: infected
3970c8a14a7cf30f3a8a8bf09f3a674309279459dfbacaa7aca34b7058a78dff.exe
.exe windows:4 windows x86

424bf84ef133d7e8e8e3791eeea2950f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDialogBaseUnits
SetSystemCursor

advapi32

SystemFunction017
CryptSetKeyParam

ole32

PropSysAllocString

kernel32

GetCurrentProcessId
GetCurrentThreadId

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE