16837819264[.]zip

General

Target

16837819264.zip
Size

648KB
MD5

486884fb1c1bd0c002fe0ae5a1684fd0
SHA1

7323aeab0130ca88bcc97d8cbb9a7e74a383dc65
SHA256

72fc32877f951da6163a0ed85db7c02fb9e41112da8be513229575f9c312eb34
SHA512

8a4725d615f3533503ff19d4699ba68f0f1baef784e6ffb1f52612c67b1105492dd7daf4e7742051c88b2c0de89bfb789d2346c297eaf8062a6b9f862cdd64e4
SSDEEP

12288:xmvGJ1sb6bpkWtGHIgc6cFcS8bmk/7vqcrkyztpesklktvO47OVOpfQm83Fn:xE8uIpkWMHIg5cSP/7vqsZklCvO5VOAh

Score

3^/10

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack003/cXPFfk0pBp7bEsb.pif

resource
unpack003/cXPFfk0pBp7bEsb.pif

16837819264.zip
.zip

Password: infected
a6ebe5502b666ef55ff9dc168ce6c2e7cd72ee350b9d526713cef91b779afe9d
.iso

Password: infected
out.iso
.iso

Password: infected
cXPFfk0pBp7bEsb.pif
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 662KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ