915_8170fa34df7d78e7b0f6e09f7b3a2dd7a0ed2fa4b79939d7ee79e4bf03aedc81[.]zip

General

Target

915_8170fa34df7d78e7b0f6e09f7b3a2dd7a0ed2fa4b79939d7ee79e4bf03aedc81.zip
Size

511KB
MD5

2d82f4c0cc6d6e657f64236eff3f6843
SHA1

ac54a470f35738aece84225c9e7d5152b5a34c5a
SHA256

f043c2cac52d85b0c614b2175f1574500580b787607815680022bc3cad2c021a
SHA512

64dc92154716d2ef027a7cbb2a8398f00232674486fe41593f125cdac61d9f3e720d9f20bcda9b911447c3e71eab2819ddfddb8b6aa1752a36468e162fc61989
SSDEEP

12288:SnrnvIv+nfEzoEavZRw7c0ONxME7aus3dEqw+BnNJwrEcy:Sn7vIkEfURkc011P3+NgNJwrPy

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/9379_13112023_Bank Transfer Copy_pdf.exe

915_8170fa34df7d78e7b0f6e09f7b3a2dd7a0ed2fa4b79939d7ee79e4bf03aedc81.zip
.zip

Password: infected
8170fa34df7d78e7b0f6e09f7b3a2dd7a0ed2fa4b79939d7ee79e4bf03aedc81
.7z

Password: infected
9379_13112023_Bank Transfer Copy_pdf.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ