12a26f2a4e7399fc0af3fb2bbf3e2baac7bb74c8f9e38415ce2639acba48f9e8

General

Target

12a26f2a4e7399fc0af3fb2bbf3e2baac7bb74c8f9e38415ce2639acba48f9e8
Size

700KB
MD5

2f1784670b796c4f18c4f0895095c16e
SHA1

f8266770c306e372b6c2966267038dcc8034f52d
SHA256

12a26f2a4e7399fc0af3fb2bbf3e2baac7bb74c8f9e38415ce2639acba48f9e8
SHA512

8ddfc357ac0cebeeb930d9e882ef35e28897b587ef66f7e7d6dfc29193769b9895abb8c198a2946c1cf675147edb229855de14bd3e2f149d4f9189529f7c8a27
SSDEEP

12288:hvaBMX999IjZTf4MqdfKi+PP+K/bbDV1O+jVseWbYj0BdDtbYIPVS+xmhPg:hcMXGjZMMqxLsbNEa2xjbYIPVghI

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1c74b93b1aa4aaccbef0f11ab5466e2bb801a284b4c5d2d94d9c010b00931763.exe

12a26f2a4e7399fc0af3fb2bbf3e2baac7bb74c8f9e38415ce2639acba48f9e8
.zip

Password: infected
1c74b93b1aa4aaccbef0f11ab5466e2bb801a284b4c5d2d94d9c010b00931763.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

KzDH.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 857KB - Virtual size: 857KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ