16a60b1091c521261f9fc3712baec729bebb08ca82564843bcb96db35841ad0b[.]zip

General

Target

16a60b1091c521261f9fc3712baec729bebb08ca82564843bcb96db35841ad0b.zip
Size

286KB
MD5

378fb930cd346b9eb50199ec02711337
SHA1

1792bf961160f8ed1211422dd5541b17d37dfc6e
SHA256

b105e50a1c7241175fb947eb9285ad653194f408c11e1535db46cd624746b6dd
SHA512

1697e5cab78ac4698a9aedba91f01f4a26ff2de6aee82aed3bcda38d4f78d86487d795f0b0d9c7e878328c5f3fd0b36eb30a85b828f261e08610d7e94f8d3190
SSDEEP

6144:ljanmxw/bUoI43Jobb3US/+1vMgdmDGSGReCwQtXWWn0sSl9SKsSgif0+vMb8/KL:FXOzxIuS/+Rj0GhwQF0bAIgW0+Eb8CSc

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/16a60b1091c521261f9fc3712baec729bebb08ca82564843bcb96db35841ad0b.exe

16a60b1091c521261f9fc3712baec729bebb08ca82564843bcb96db35841ad0b.zip
.zip

Password: infected
16a60b1091c521261f9fc3712baec729bebb08ca82564843bcb96db35841ad0b.exe
.exe .ps1 windows:4 windows x64 arch:x64 polyglot

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 305.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ