935_a3f904902051206e4df153fe5bde30b451cfe2e211c01d0c034cf9ca226c69bc[.]zip

General

Target

935_a3f904902051206e4df153fe5bde30b451cfe2e211c01d0c034cf9ca226c69bc.zip
Size

165KB
MD5

05a05b16e9cc8d8a032f15d9159790bd
SHA1

ba16420ff114a65878e82936e9a44335c122fdd3
SHA256

d689c6ea63b73f553deb4e3b6cc33339e1d1730fd2481d26e6a26ef0a0c3ca73
SHA512

9724a5aeed6b52e2acff55b0998e173cd5892e62f6fc869a345b83f7684b95f8decdf86daa93855746ad90319df77545c5be97a2c9c4fb9e9e3ab4a575d54ef5
SSDEEP

3072:KOI5C/TS2/AZQD/qtXXfg7NZQ39qe+WaLZ7xkBSrSc0sYmSBfg:dLSjmD/qNXfKg392WaL5GBlc0tmSe

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Aviso de disponibilidad de Factura Electrónica Iberdrola.exe

935_a3f904902051206e4df153fe5bde30b451cfe2e211c01d0c034cf9ca226c69bc.zip
.zip

Password: infected
a3f904902051206e4df153fe5bde30b451cfe2e211c01d0c034cf9ca226c69bc
.rar

Password: infected
Aviso de disponibilidad de Factura Electrónica Iberdrola.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 551KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ