ca2c9a69feeb56291bc5dde7d87e2adff974dbc763295981f601f2b2803088bc

General

Target

ca2c9a69feeb56291bc5dde7d87e2adff974dbc763295981f601f2b2803088bc
Size

10KB
MD5

176b90fec348a2e4f046aab835a1ef67
SHA1

4d3fa809ea519e53b712767273110d430cb5eb93
SHA256

ca2c9a69feeb56291bc5dde7d87e2adff974dbc763295981f601f2b2803088bc
SHA512

901bc52b5669eef912e539e816383c25c5f81ba22757f0f966431fd751b29018c9360b1031035ff282a75a7eea7b3fd3b9e14dc5d3b5bdb10d76b94e08f613c0
SSDEEP

192:vrHBuYIsaH647gnZnJsoONaaOvJU/5SGc+QDaNo/nHWyPl7nLGDvT4L4vm:VuY+H68cQBEJi5S3/aW/n/ljqD7S/

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8639fd3ef8d55c45808f2fa8a5b398b0de18e5dd57af00265e42c822fb6938e2

ca2c9a69feeb56291bc5dde7d87e2adff974dbc763295981f601f2b2803088bc
.zip

Password: infected
8639fd3ef8d55c45808f2fa8a5b398b0de18e5dd57af00265e42c822fb6938e2
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Files\H2KSRC\HKCode\SqlServerWorks\SqlServerWorks.Runner\obj\Debug\SqlServerWorks.Runner.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ