2c0ef64995b6a8a3b741da881c5b6fe4b5f764ea55e2a6a6157527af9d0dadb3[.]exe[.]zip

General

Target

2c0ef64995b6a8a3b741da881c5b6fe4b5f764ea55e2a6a6157527af9d0dadb3.exe.zip
Size

1.3MB
MD5

cc7dc3b8ba77c375ec048ff59e0b265e
SHA1

f1ee98b8c73f7ec130be202cff8620e87799a1b6
SHA256

578d4255b118ac0a1cc3752406f700fff3509885849ba68a45706faf363926bc
SHA512

f472a90dafc6dc6d567b2cf55cf82ba103dfa533196f7309af5039c02608e5832e1b83ea22190fe8a1f293714c5d6bb55e114b272943fbc6cd5c5ef5dd985600
SSDEEP

24576:TXTu3pjG1ycJg1Cz0zREcBqJqdWn2IixYz+IHs7B9U5haQ3YERSvoD0NUiU:TXOjGycJg1Cc+eE+ImBYk+/7iU

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2c0ef64995b6a8a3b741da881c5b6fe4b5f764ea55e2a6a6157527af9d0dadb3.exe

2c0ef64995b6a8a3b741da881c5b6fe4b5f764ea55e2a6a6157527af9d0dadb3.exe.zip
.zip

Password: infected
2c0ef64995b6a8a3b741da881c5b6fe4b5f764ea55e2a6a6157527af9d0dadb3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ