ad942fc486c91d8bd5c3d1ab5266d94582b10ea8ac3f284c6914d8c0e1542af8[.]zip

General

Target

ad942fc486c91d8bd5c3d1ab5266d94582b10ea8ac3f284c6914d8c0e1542af8.zip
Size

552KB
MD5

e340174cf19a4a7ec3ad3f7d92e25d70
SHA1

1b5441d00f857b462a8f608dabd20c9027709db4
SHA256

ad75d2bcae35c108644832d1d864a8c12869052daa6068cf2e588fdeaa5ef246
SHA512

c4218266f3cc5f9d1272a03a4872cf0a0ac248790f8110ff6e9a02976947fa4aedf8d53871e138d2ceae35ffdf1cf0bc4e084a89d1a6950188fa8e5aeddc1a08
SSDEEP

12288:/dwO6dndJmcLWMJzxJM070bKZsX3Rf+ujry8Y:6O6FdJ1zxq0OnRf+8y8Y

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ad942fc486c91d8bd5c3d1ab5266d94582b10ea8ac3f284c6914d8c0e1542af8.exe

ad942fc486c91d8bd5c3d1ab5266d94582b10ea8ac3f284c6914d8c0e1542af8.zip
.zip

Password: infected
ad942fc486c91d8bd5c3d1ab5266d94582b10ea8ac3f284c6914d8c0e1542af8.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ