b631ea91cadf246fe575e6ae8b81d53602c8277d298f4852cc3adb168819c77c

General

Target

b631ea91cadf246fe575e6ae8b81d53602c8277d298f4852cc3adb168819c77c
Size

459KB
MD5

0edf4d36302d32b667786964a9545a7d
SHA1

e5ad75035d421a3b46be247d6e4694920d5dba8e
SHA256

b631ea91cadf246fe575e6ae8b81d53602c8277d298f4852cc3adb168819c77c
SHA512

24e7eb33e0343f8009d3e4d277e33c5069ba426e057df68fc2c334138d80e442de01ed3576ff3c0510a3057694007e26f47604a3e898d3415f717d47c95364fe
SSDEEP

6144:SBH69mOI+6HHt/T5Ie2o3k2X00o2MEinxgqJ3FX/m9ltZQRHOS9e4Y2opSggBtHE:SBBnt/1X00oj7n9J3IViHe4n3BsMRG

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8d8533278822162961e4bc205ed8e8ca33254c6653ce90bf22f8f25580d72ab1.exe

b631ea91cadf246fe575e6ae8b81d53602c8277d298f4852cc3adb168819c77c
.zip

Password: infected
8d8533278822162961e4bc205ed8e8ca33254c6653ce90bf22f8f25580d72ab1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ZIVI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 501KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ