20faf63f5be9ffa91f54e99ac33a5f48e5e1492b2a831160f008212e6ffebba9

General

Target

20faf63f5be9ffa91f54e99ac33a5f48e5e1492b2a831160f008212e6ffebba9
Size

611KB
MD5

1f23f5c6b9b1957cb943013a6de6d2cf
SHA1

f4721b4654599578ccc0ed980b7ef2589f116d52
SHA256

20faf63f5be9ffa91f54e99ac33a5f48e5e1492b2a831160f008212e6ffebba9
SHA512

4a9c243c31573106cd70a67dae59e32ee9e88aef98c27b36d9bed3e0ebb48f30a294c48b93f67280e0840ea7122e62f473a321bbfb11e4d89929086b52003144
SSDEEP

12288:UDMvWH0ONy0o7x4seDlk+N33wZkCOHOYE32zfc+LfkpImsgOPUcEyD9:UDMuU1ddbU33akCOHOwfkpugOPUcEyD9

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4de6a298a55d719a8b618fc0c2978ef40d0f8536a7e5e0a038be7c4cf7501778.exe

20faf63f5be9ffa91f54e99ac33a5f48e5e1492b2a831160f008212e6ffebba9
.zip

Password: infected
4de6a298a55d719a8b618fc0c2978ef40d0f8536a7e5e0a038be7c4cf7501778.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

TxqF.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 632KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ