Static task: static1
Behavioral task: behavioral1
Sample: 799b7a01e7941fa8baf90b3bc4c6397ca2974429b835949540b0b88162f4fc81.dll
Resource: win7-20240221-en
General
Target: 799b7a01e7941fa8baf90b3bc4c6397ca2974429b835949540b0b88162f4fc81.zip
Size: 342KB
MD5: 01b6038c4436f84435b3f2e175453655
SHA1: 26f1fd62e87ad32ab70d956356924353ca6d3d36
SHA256: 0592c5ec20a4f9c78d1c07a3d2c45145c6f62c04f6697816ba29a9a35ad60336
SHA512: 5099b36409a58c53b458fc2a8f63f19b11f99e02a13bb7844645214292440ce79ed1afa5a351e720ddf9c82a8b7a567c6d9135373001bd74cbee0851038a777b
SSDEEP: 6144:9B4lVU5Yl6uXTu2rj46suEmaGNCK5+GyPEKgZNqjbh5iPa2uvIisLvVF:9mPOe6lEj4h3m3NCC+hEUPiCdvKb
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  Processes:
    resource unpack001/799b7a01e7941fa8baf90b3bc4c6397ca2974429b835949540b0b88162f4fc81.dll
Files
799b7a01e7941fa8baf90b3bc4c6397ca2974429b835949540b0b88162f4fc81.zip.zip
  Password: infected
799b7a01e7941fa8baf90b3bc4c6397ca2974429b835949540b0b88162f4fc81.dll.dll windows:4 windows x86 arch:x86
  Password: infected
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_BYTES_REVERSED_LO
  IMAGE_FILE_32BIT_MACHINE
  IMAGE_FILE_DLL
  IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 365KB - Virtual size: 365KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
DATA Size: 6KB - Virtual size: 6KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 7KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 28KB - Virtual size: 28KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.rsrc Size: 286KB - Virtual size: 286KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ