0b1e977441a99fad26582e4e6c3d1e5b93c7d334328eb9cca4ed94ba6d2e1a99

General

Target

0b1e977441a99fad26582e4e6c3d1e5b93c7d334328eb9cca4ed94ba6d2e1a99
Size

216KB
MD5

dc9d5a0be3c3a16fe0878abc9ea1d8a1
SHA1

f8ec4ec2ce1c5cae6be274c2e27015560ee8165a
SHA256

0b1e977441a99fad26582e4e6c3d1e5b93c7d334328eb9cca4ed94ba6d2e1a99
SHA512

f3014f7ff343b3074d7f699dd6420ffce9d32a10de355f0c00aeaec8fc6b067d1d68a26b91655eba4101d412f8c52013857711d402f2abc4914ba22289869ef5
SSDEEP

6144:l/ny0Lfh5pvEw3fABBSO8UXfSLlUsmddG3B:VnyqP3oBBS26n93B

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f958ce56b688316c3905d3de8770ad2f4e983b9b4824281cd285fecac12051f1.exe

0b1e977441a99fad26582e4e6c3d1e5b93c7d334328eb9cca4ed94ba6d2e1a99
.zip

Password: infected
f958ce56b688316c3905d3de8770ad2f4e983b9b4824281cd285fecac12051f1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

LevelUp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ