ebdc12a94c386bd8307c063261323cd98646c5bd378a15366451936f29540f44[.]zip

General

Target

ebdc12a94c386bd8307c063261323cd98646c5bd378a15366451936f29540f44.zip
Size

876KB
MD5

cc973195fa2d0851191cf2a1513ffe13
SHA1

acfb004b7548a000903f0c2f0df2a8b18076025c
SHA256

3a07986d0d710112ff0d45cd7fac8c61503c69a3b98ca4465b66b920260b570a
SHA512

c68a0237b5c2a55801ea8735ef0a67fb8bf6cc9f1b9fbec93723e1143e157e76ed79b9c4b3f9a3c3a83e93d4d4fc9b3100f3bd77476255748cc17f371134c276
SSDEEP

12288:4VyWiykyumtVYG8Y/102XxxhwqWTBu//SohQC8VmfIaKZYRdQkg0dLKzeKGr:TXLmtemxXUxVmfLo0NKzetr

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/9008654324456.exe

ebdc12a94c386bd8307c063261323cd98646c5bd378a15366451936f29540f44.zip
.zip

Password: infected
ebdc12a94c386bd8307c063261323cd98646c5bd378a15366451936f29540f44.zip
.zip

Password: infected
9008654324456.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 927KB - Virtual size: 927KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ