b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b[.]zip

General

Target

b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.zip
Size

541KB
MD5

600e5034ead61aa91483056682a65405
SHA1

9b0b165f5d5099044e98e534ad738e083b9ecdd7
SHA256

233267ab534ad841ce8c0383d73d798edfc2caa415e4a08ba2c8b7f615449815
SHA512

d6d034a22a46f0703c78160ece9883c54d3eb52721f4524542df68058e0705a8f3669b7f76606c51886d4a548a6fbc41b6f795d3a24929ee3bd8ad022cf5c74e
SSDEEP

12288:RAEmfa0MOEsyM/lP9CoEMhmpGwGzexZTXT6khJzUdJn:REfav90/ColhSGwGzOgkhF8Jn

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.exe

b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.zip
.zip

Password: infected
b161be7554c0f571a5ae4db7a8c9ea60e7126c589339073b7c0aaacbd5679e9b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ