4964e7f096d6b3fb575040c01238d88aa01204abd4411c9515b500299b40b830

General

Target

4964e7f096d6b3fb575040c01238d88aa01204abd4411c9515b500299b40b830
Size

905KB
MD5

46ae2f3ece45f1776e1f55552f925ed5
SHA1

b6820b2ced1c48909f846f697a10678ec9baf2c1
SHA256

4964e7f096d6b3fb575040c01238d88aa01204abd4411c9515b500299b40b830
SHA512

cb228fa7e979affc3ac33c8bb575a4915c9c7d93b72005a4dfd17958d9e7160c7d79eb744aedbeefb105bfaa87c62b25dc4b538ce4b8c6466e05d2be98762b05
SSDEEP

12288:Re4tvAVvpTg2g35N1SLKBpOWrUGWM51+xZDFAqSA907cwWiiYKensyNS5c+J/5ba:RjvAFy/Z3XrUVq2LDeowZN+Nxa

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/38d45a0e0f376be174d788c93424ef4724daad94ce4139beba1868a36d8ad47f.exe

4964e7f096d6b3fb575040c01238d88aa01204abd4411c9515b500299b40b830
.zip

Password: infected
38d45a0e0f376be174d788c93424ef4724daad94ce4139beba1868a36d8ad47f.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

xcPX.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 995KB - Virtual size: 994KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ