fb829ff6e8ccdb4cc73b13451e1b75e80becf929fa05f73ccb64aed083219196[.]exe[.]zip

General

Target

fb829ff6e8ccdb4cc73b13451e1b75e80becf929fa05f73ccb64aed083219196.exe.zip
Size

271KB
MD5

967cd676de9e30b84c53f09a7dcdb3ce
SHA1

eb370b73df94a0cd5c248a7b49d7dac72892f91d
SHA256

b0be30a6de8b0837c4b2f80daa0e4e0a30ea92fa717660127ebff2c791872ca3
SHA512

5e3ae123e5733e6df158ebecab3540e292bf78f700db49cfe484819efa36e9b7c8260b59fe7c367033a7f946e21d9ba9a112053fe97011f1f0d95b1998526fb7
SSDEEP

6144:qktnkC/2c4b9rbbHwUxJ+iJnzYwuP59cFzCHznDoaC25t1wjs0:qktkhtbxbbQU5JkH4IoaC2Di40

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fb829ff6e8ccdb4cc73b13451e1b75e80becf929fa05f73ccb64aed083219196.exe

fb829ff6e8ccdb4cc73b13451e1b75e80becf929fa05f73ccb64aed083219196.exe.zip
.zip

Password: infected
fb829ff6e8ccdb4cc73b13451e1b75e80becf929fa05f73ccb64aed083219196.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

+:vM
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ