MDE_File_Sample_edc1b58288cd4addd02032ebb1c434ce07d8b879[.]zip

General

Target

MDE_File_Sample_edc1b58288cd4addd02032ebb1c434ce07d8b879.zip
Size

61KB
MD5

dd5ef72a37409ff4e5a4401cddc543b1
SHA1

4f53ad0f4b59281523de0c2d92f5956e755bb5ac
SHA256

752a18507893f03f9cfc2e5364eeb64590a3e91218bd4579e42508712411efb7
SHA512

e139fa2d6239e5fa7b0f40f959bc3a5a1accd4b0470580e10bdbdcfeb44ca6ff24dc7cbb6c08b082933cf8ab0223b6fdb0d548b3e8855454413c5cfec83c5b95
SSDEEP

1536:06ELOPuV6dKIiFjGYYutTOFMdYlQugkiZBHY:06EiGVOtiZ9Cl/gzZBHY

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Files.exe

MDE_File_Sample_edc1b58288cd4addd02032ebb1c434ce07d8b879.zip
.zip

Password: pass123
Files.exe
.exe windows:4 windows x86 arch:x86

Password: pass123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ