2e2ab689b6379dba8715085903f8de13a0d067db63c43f16bd2a47508abcf077[.]zip

General

Target

2e2ab689b6379dba8715085903f8de13a0d067db63c43f16bd2a47508abcf077.zip
Size

55KB
MD5

bbc527d93ecc3565f18a7f2b54c9ead6
SHA1

1dcececf9c45ce2e5944cd3044242d5a2d1d248c
SHA256

5293cfb785d157461d7d9c8a6162e83958d5a28eae45dea998994b07632568f8
SHA512

9a7a6a56dd5a1c0a1a3de4b584f347dbd449f3c2969abdfb570bd07b73c2b6bf815b1a6f988786ace75bad5b6f55a1b2a3cf93a9135bbbc3ae88d1561f78a107
SSDEEP

1536:IoOzqho7biBjc2GnFR79OJoA9+d2Pvs2/+9Ibug8rPV:Io327+tEQWm+dC/ug8J

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Peloton.AppFrame.App.exe

2e2ab689b6379dba8715085903f8de13a0d067db63c43f16bd2a47508abcf077.zip
.zip

Password: infected
Peloton.AppFrame.App.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ