71d7df5ca280f5dbc478ea78e4ff063c9b7dca6dacf7eb3fa5cfd553e64c6e40[.]zip

General

Target

71d7df5ca280f5dbc478ea78e4ff063c9b7dca6dacf7eb3fa5cfd553e64c6e40.zip
Size

1.9MB
MD5

e84eda6b8a2d010316180d01833a5157
SHA1

715c7385c53a9824da4e682c2edbc8ce23dc5b4c
SHA256

7d68a86206fa54e628ee1585f9e15092b441132253a2aa0a6c70f86387a0d8cb
SHA512

1ae50b196b5dcebdaaaf23cdbd0cf9f7802e5e30ef60215c21de9dfb79321632ac4db015e73e456504f5defa678e327c38a58249792b08efa22e40598de4de2a
SSDEEP

49152:QhChIA1NWvwMQRPkpDdjTA4rSfR6KyxQ29RlM+E7JH:2GW4pkPAUS56xQKlVEdH

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Charm.exe

71d7df5ca280f5dbc478ea78e4ff063c9b7dca6dacf7eb3fa5cfd553e64c6e40.zip
.zip

Password: infected
Charm.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

N7vjwp
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dIVCcv7X
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zOOj
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

u8Qo
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gRX0T
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE