fa2f3088be45efd64b77e72403df823d03e48f8f57c0e4b0e13fc58a39d09d41[.]zip

General

Target

fa2f3088be45efd64b77e72403df823d03e48f8f57c0e4b0e13fc58a39d09d41.zip
Size

2.0MB
MD5

f7799e3a6543a36fd6e846f66dc418b2
SHA1

df68ab3350dee2acff2d21da68d63c8bdcf70a5e
SHA256

cc7ffcaf21890f49e5aae181c85ec320f2d485019a8a3a5938ff02d82cec5757
SHA512

b46c18a421c08a4dc413025312d1ac7704093d10968737f0b984f240982554d541333699f761935a25ec1c5b0b44605430d7b78ffe93cf24ffacb6df9cbab163
SSDEEP

49152:iXFTLmqHgjt9cd71aANQ7qFHEurV0WZWjJd:iXFnmYgh+d8l2FHyT

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fa2f3088be45efd64b77e72403df823d03e48f8f57c0e4b0e13fc58a39d09d41.exe

fa2f3088be45efd64b77e72403df823d03e48f8f57c0e4b0e13fc58a39d09d41.zip
.zip

Password: infected
fa2f3088be45efd64b77e72403df823d03e48f8f57c0e4b0e13fc58a39d09d41.exe
.exe windows:5 windows x64 arch:x64

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lesjjpkq
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sljtspek
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ