b8649ca1e287d365304829aa2aaaea9ea025d0ee451aca0de5ce81326cd90fc0

General

Target

b8649ca1e287d365304829aa2aaaea9ea025d0ee451aca0de5ce81326cd90fc0
Size

611KB
MD5

37c404e5898b35dd37474ded20f559e5
SHA1

8f5a0009aa13a1cfca230fcbb058507efb282b75
SHA256

b8649ca1e287d365304829aa2aaaea9ea025d0ee451aca0de5ce81326cd90fc0
SHA512

a449a84628fb81980d210c93eeaf299462fe46bbcfa204b6ccf7b30175c53306fc8315e177cd24371f0cf50cacdcab08d09c3b50c0344a1214703c8fc4100050
SSDEEP

12288:49ywZmpkB5Esyw3+PxGT2oD72fKOrwk2dP/edx/jF55Y0r:oyIzysv+PgTTYrbuWdx7Rx

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/e57a006770c082e10b1d0821fdae309f5f76b5c1f9f209a9b6edae90c13dc718.exe

b8649ca1e287d365304829aa2aaaea9ea025d0ee451aca0de5ce81326cd90fc0
.zip

Password: infected
e57a006770c082e10b1d0821fdae309f5f76b5c1f9f209a9b6edae90c13dc718.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

vGFL.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 637KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ