459dc6aeffb60a7ca353a525e5f90a03eedb7d52cac387f54723024be6371d72[.]7z

Sharing

Target

459dc6aeffb60a7ca353a525e5f90a03eedb7d52cac387f54723024be6371d72.7z
Size

5.4MB
MD5

a3964dae393fa17cb70d21fa4add67d1
SHA1

15c440a449e3a19f0aae5de0759716e3d71b9e63
SHA256

97546039e6ad5e7e2cd8b55f94c399d3a11cda743d5af602451edcd38fd19e85
SHA512

04cc4cfc432b39f3f1a4ff3c6c8ac48e1fbc2a3e4db4e5ebefdb643d2e92bbb0b9ea90ec5a8f0060733097c1c4aa7af183af35726b0a966500aae0eb110aaa54
SSDEEP

98304:683CasJ/ahuyYtYRJL3K4XnGw2CrdEhB3B7hDUN/1a1Fegrye7okVblV:6ECast4xYajLRXz9qB3B7No/wFllxVbn

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/459dc6aeffb60a7ca353a525e5f90a03eedb7d52cac387f54723024be6371d72

459dc6aeffb60a7ca353a525e5f90a03eedb7d52cac387f54723024be6371d72.7z
.7z

Password: infected
459dc6aeffb60a7ca353a525e5f90a03eedb7d52cac387f54723024be6371d72
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

WerpInitiateCrashReporting

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE