aff282d10ed4794df3eff097cd3724a4286a38e27ab486b7e7b73c763b6cfc27

General

Target

aff282d10ed4794df3eff097cd3724a4286a38e27ab486b7e7b73c763b6cfc27
Size

620KB
MD5

405edf1c2eb57897a5e126c9d6e3a0a9
SHA1

bfdd417c2a4039c80c538553afd2c63078773a94
SHA256

aff282d10ed4794df3eff097cd3724a4286a38e27ab486b7e7b73c763b6cfc27
SHA512

4c4d6dc9d163b588ce64ca7f31779c6cfdc251635265407d3fabdf9552320fa914f1bffc086285b34e69e661b38b90fbedcef231f7451e7dcf09e1daa9a90448
SSDEEP

12288:+9xXi1LE6sozZRCVQ5xgHAVNiVR1zwbBHJ6Q6KFxGAlpA4N3LBrXnNKnR3G+oF9d:e4vLxgHp9wtP6KFLpA4jrXNWR3cFDT

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a3781631c4e416fa9efb09310bca25a02f39f13fe0e33fd715b7be946324b389.exe

aff282d10ed4794df3eff097cd3724a4286a38e27ab486b7e7b73c763b6cfc27
.zip

Password: infected
a3781631c4e416fa9efb09310bca25a02f39f13fe0e33fd715b7be946324b389.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ZFaL.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 631KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ