d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95[.]zip

General

Target

d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95.zip
Size

552KB
MD5

5ac0b680145026bd1a3ea1c9f5f98ee5
SHA1

0312c7d68fe96333bdcbc5a4d6c8f0269b315d74
SHA256

d2c4bcac44452264e59547d2e8d4fd46c8b2ba6e62f5f74a271b09420e4a19ab
SHA512

e3d6c8f54cd078ca7c830db15710aceee7fc6e132b25ba94730823e1ccd7c108978261070879713e979359ce6168473c70846ed656e37544d79c12696dae3722
SSDEEP

12288:3R7Zl7Lib4nQZ23wXtNUQSCFvNj5E04HUQ5TKM96wDkZyEsIrP:tX+bgxAXtN9SCFluyWTK0DwyQrP

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/open-order#456789.exe

d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95.zip
.zip

Password: infected
d9ba4927174717c804a7cdf4cc3260b5f3c2611fea7a4f6a6d8a68706034ea95.zip
.zip

Password: infected
open-order#456789.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ