636d3d445834be35ceb487d31d913432da4c60d17aa5c0626249e0541d8af9a7[.]exe[.]zip

General

Target

636d3d445834be35ceb487d31d913432da4c60d17aa5c0626249e0541d8af9a7.exe.zip
Size

1.8MB
MD5

e6106df9770fbdcd7668f8053d738380
SHA1

0976560d9512a3adcfe5c63a09d3d5c5e294fc36
SHA256

7d341c2967510436a636fac7b72df72d65125b3147d0ae5ddc0d1e7b3f093e4f
SHA512

b78f610c38f8bf32b3197dbde7a4decc973bc93a31b1d861eb376eb0c739c4b8f2b672c0ee01d22c6b7aba9dc1da446dcd92584b36434b57a0d78a675b6b1506
SSDEEP

49152:6MTx/UDgWc+gB71bttt6qFbTG72JAvCMslJ9:bxbjrbPtnFGSICFJ9

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/636d3d445834be35ceb487d31d913432da4c60d17aa5c0626249e0541d8af9a7.exe

636d3d445834be35ceb487d31d913432da4c60d17aa5c0626249e0541d8af9a7.exe.zip
.zip

Password: infected
636d3d445834be35ceb487d31d913432da4c60d17aa5c0626249e0541d8af9a7.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 535KB - Virtual size: 535KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 1.4MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE