679f98def83c67983c6fc0a39005765760d0225d9bfc9d65500e574c72a50697

General

Target

679f98def83c67983c6fc0a39005765760d0225d9bfc9d65500e574c72a50697
Size

674KB
MD5

b36f49081fcd556c5c5bebd38cfb2305
SHA1

744c1070089fe5c2c2bbd3fb3d41200e2c0107fc
SHA256

679f98def83c67983c6fc0a39005765760d0225d9bfc9d65500e574c72a50697
SHA512

a6c5b0ee586d961f6eec37859560ff456eeed51bff855fdc3c1b763bc2246ccf0b7119dd1b89d838cc0b802067681d27f1e2cffb7872f753f975f29f6638588a
SSDEEP

12288:bwHNcj7cmOaOKF+qxgBCkLFnwWPiBC4KKdQS+aJrAPPxZeXi9g68ixni6/rX5Tqe:bwHW8mZ3gBCsnJPECDSFARUKzD1/7aW

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/164f67a3195f9de86de5b14e88b22a3539c6c1abcabf2b67f0962fccc4dc6baa.exe

679f98def83c67983c6fc0a39005765760d0225d9bfc9d65500e574c72a50697
.zip

Password: infected
164f67a3195f9de86de5b14e88b22a3539c6c1abcabf2b67f0962fccc4dc6baa.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

TZwb.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 773KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ