0a5d7fe008811130f9e6d9ca76eb086ec6636782bc6fa9b6f315c153e4d4bd67

General

Target

0a5d7fe008811130f9e6d9ca76eb086ec6636782bc6fa9b6f315c153e4d4bd67
Size

847KB
MD5

b1b1ee6cfccd307d3a08fa0489ef6c49
SHA1

478ac0e17dc61fe139e42d91b0dbdd72d3b662e4
SHA256

0a5d7fe008811130f9e6d9ca76eb086ec6636782bc6fa9b6f315c153e4d4bd67
SHA512

08cb6bf0d85a55557be4ef345770e9036dfc513443c17e94a6e28f7fad8009959a76d3b358202eec240c1a13c8514ec1f6a91ee50937fe97548adb831a6b17f9
SSDEEP

24576:y7fVPidX3TOIFgkKwJb8tSQyEZAAe3HioShnBoz:gtMhgkKwJYzyE239ShBoz

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b22dc0520dd01d9cef4d17bec287e31888c33ddb1ea755f595217e8b51a6b6a4.exe

0a5d7fe008811130f9e6d9ca76eb086ec6636782bc6fa9b6f315c153e4d4bd67
.zip

Password: infected
b22dc0520dd01d9cef4d17bec287e31888c33ddb1ea755f595217e8b51a6b6a4.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\HFayo\obj\Release\HFayo.pdb

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ