89b579ccb9cda9e17541fdc06463ee2d6bfcc4a335d371988f45334b3af47ff1[.]exe[.]zip

General

Target

89b579ccb9cda9e17541fdc06463ee2d6bfcc4a335d371988f45334b3af47ff1.exe.zip
Size

1.6MB
MD5

308ca6bfa2485d3c3d417a19818203b3
SHA1

ef658b011652be81b27e5e244fec6119c42704a2
SHA256

38143d36ccc6d48e4f0f04b8f5bd41bb2c4ac84ab84984e034edb24a0199aad7
SHA512

38a13fcf5fc48c907d3064da587ff1da135b76e50482f537c3ea2a28f68fa904c5651cd3a6e9b9d653fd98bb29fbd070cabf08652225818a67f7e77847047ef7
SSDEEP

49152:uDLbpAbvreViZFnsd3oVMLs3YrCEvLEps8vrpseRTD2zpG:gCrbFas38LvcsSClG

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/89b579ccb9cda9e17541fdc06463ee2d6bfcc4a335d371988f45334b3af47ff1.exe

89b579ccb9cda9e17541fdc06463ee2d6bfcc4a335d371988f45334b3af47ff1.exe.zip
.zip

Password: infected
89b579ccb9cda9e17541fdc06463ee2d6bfcc4a335d371988f45334b3af47ff1.exe
.exe windows:5 windows x86 arch:x86

7617119cde5afea121182e7cd8e56744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

OleInitialize

oleaut32

SafeArrayCreate

Sections

.MPRESS1
Size: 1.6MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE