b5293bead6de3064da160f7e5d767928a6c181861538a667e54d1b99d076d083[.]7z

General

Target

b5293bead6de3064da160f7e5d767928a6c181861538a667e54d1b99d076d083.7z
Size

2.7MB
MD5

3a5fd10fd1c2456b073a010b2755c631
SHA1

ebf49472a1f2b1f44dbbc6ea7deca85acd25ff01
SHA256

5c312f57220937cf6cf2798cb09e0cce1fcd7aa0b9194524c91e5b4ab4673a82
SHA512

4d216927422b85d18c2ea3dfdac727cef2581f1ee1f1e0c0dede40938562ff3ba301e6e2a40b167109efa7f5347bdc45389f0908b6fb39999053c9b870ce379e
SSDEEP

49152:xKmShiEgtlX7W9y88vA9/O9L64BbqYfvb24SopjwGLKhH/zpOqNoWAWUaTUCXm:gnlgbrkZ5hONdvNUK8H/gQnW

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b5293bead6de3064da160f7e5d767928a6c181861538a667e54d1b99d076d083

b5293bead6de3064da160f7e5d767928a6c181861538a667e54d1b99d076d083.7z
.7z

Password: infected
b5293bead6de3064da160f7e5d767928a6c181861538a667e54d1b99d076d083
.exe windows:5 windows x86 arch:x86

Password: infected

88381b84da56810b869e897e6d45bd58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

EnumChildWindows

Exports

Exports

Ox12345678

Sections

.MPRESS1
Size: 1.2MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.main
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE