380B1EE642C43DD64592D2EB49969468CB09EBA83CAF670CE72F181299BF150D[.]zip

General

Target

380B1EE642C43DD64592D2EB49969468CB09EBA83CAF670CE72F181299BF150D.zip
Size

82KB
MD5

a9818fdadcfb60b84438211cba1c44cd
SHA1

dad1d7783bcf3e8ec0e68138d4eeb606c2aec2ff
SHA256

ac668717349668c5500acfd6621a37f734bbceb8f8a2cdc76bc6de99894b5d11
SHA512

259c87d9e79d3ca614d6880f9203996b7e8bd580138dce1b9c7cbb393d896861b4893d7d9809ae79864ff2e72d34e627e2b5d0f2012e828cfc5630450047b4e7
SSDEEP

1536:E0mu/q2Z8vrMOVAObP6HhiuLT49lFZepuTRtu90Yh9ooXaMCd3p+ud:TP8vVVlw9Hc4pw02Yh9oXVZR

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/380B1EE642C43DD64592D2EB49969468CB09EBA83CAF670CE72F181299BF150D

380B1EE642C43DD64592D2EB49969468CB09EBA83CAF670CE72F181299BF150D.zip
.zip

Password: infected
380B1EE642C43DD64592D2EB49969468CB09EBA83CAF670CE72F181299BF150D
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\EplanW3\Setup\git\bin\DownloadManager\obj\Release\Download.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ