4b04d68c3fb64a945cc674a6153bef936cddf7562060ba0f6491823e65832df2[.]zip

General

Target

4b04d68c3fb64a945cc674a6153bef936cddf7562060ba0f6491823e65832df2.zip
Size

25KB
MD5

058ea2b1f9e9ba837c760912ba7c612e
SHA1

5982dfe8319875268f4f16f28cc210aa576f0fe0
SHA256

9699b1129365cbebb3eed9d45199e9c4022b3b47c34286586b1c44498a9180bc
SHA512

dfb0cee75ebcb12cdaf27df2f8eae3202bf5222babcbfd267212b27c109bb6cf98e4ffdb3cec93d685f9b42a771c94194e3a73776b8aa5951944b793f93b91a6
SSDEEP

768:NOMe4XY5XV4Mm+zF0WA0MrsS1lsjN1ZDZbI4oeBY:NDe4I5XeMm+zF0qSWZq4/Y

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4b04d68c3fb64a945cc674a6153bef936cddf7562060ba0f6491823e65832df2

4b04d68c3fb64a945cc674a6153bef936cddf7562060ba0f6491823e65832df2.zip
.zip

Password: infected
4b04d68c3fb64a945cc674a6153bef936cddf7562060ba0f6491823e65832df2
.dll windows:6 windows x64 arch:x64

db7aeb75528663639689f852fd366243

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\temp\debug.pdb

Imports

kernel32

PeekNamedPipe
GetLastError
CreateMutexW

user32

MessageBeep
MessageBoxA

Exports

Exports

scab

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ