b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b[.]zip

General

Target

b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.zip
Size

541KB
MD5

b7b23f287d06a4e0826b3760a3df4fec
SHA1

9a3abe37ea88086b9818c90b66186ae2da4c78d7
SHA256

3c9ce8f9ea12d33121cbed04a9cd55ace12062949b7bb3dafe37f1f0a55f1eff
SHA512

518c80442809f0edf9e0ffcb3d345f07265a49dd0ed0a02fe5088f7c0af35e4f75ac493e0d10eef31651d75243da8cb8ec5e17b90ec6bf0b169d2f0e1b753c45
SSDEEP

12288:eby/gskITBX/0W/0ZNNat32VqV2osNbSwgGLRPM7ChA6a6RYarFygeBx:Bn7BPv/8at2jf5Sw5tqp6t7oNX

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.exe

b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.zip
.zip

Password: infected
b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ