ea77f2a5de2073a8c019deed8f11673a487751cba7f1511d791dd9194fdcab9d

General

Target

ea77f2a5de2073a8c019deed8f11673a487751cba7f1511d791dd9194fdcab9d
Size

849KB
MD5

a9b73215ba4e5d8077b242feca5e98e9
SHA1

0373bba27a0e94516abc2e7ee947baf18f7c9e54
SHA256

ea77f2a5de2073a8c019deed8f11673a487751cba7f1511d791dd9194fdcab9d
SHA512

256b5909d73626b5a533ceb02f30f6e51f910aaf91d21b6b467dad3d71b8dfd6849594912fd16dd5fcbc1c4a78fa80e2a4f972933952f0340e7a0361b4b0ee87
SSDEEP

12288:auNDysqDE6XGcVn0MYRiPAdMVoiqguxrZ7WI5FWHotVz+xBCp9Ql7FC8W4Bdd8:auNmsqlXGctYRWAdDRBZ7SQpqxUwdd8

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/98b668f7457089866b6364c672e8dd35b12a24899eb80fdfcfc2a5aab8d9aa5b.exe

ea77f2a5de2073a8c019deed8f11673a487751cba7f1511d791dd9194fdcab9d
.zip

Password: infected
98b668f7457089866b6364c672e8dd35b12a24899eb80fdfcfc2a5aab8d9aa5b.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\Fallkyriya\obj\Release\Fallkyriya.pdb

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ