a67db0aadb47dbd83ba1e9788a8872239c18d146e93158b0874d946976959f55[.]zip

General

Target

a67db0aadb47dbd83ba1e9788a8872239c18d146e93158b0874d946976959f55.zip
Size

2.5MB
MD5

3f76df36d9cb30b7c4cbd52d8ceedd62
SHA1

5d8bd70f8d9123854e62f7e225a4bfb5f1258877
SHA256

1a944d264e998964cbd5b266b2f9832a49ec0211990e74584cfc379a888dd825
SHA512

272a2b20055c81a330145d8fef182d4771ca4c5f136a23afb15b108d625c952fd5fe8c7e1646d00912d57cc720bd1893d9fb081422bfa66aa65f8782dd4a91a6
SSDEEP

49152:i6SDqQTHKSn87y/kOE7EyKOsb5MFIRHpL10xctCLvEUKxgA5LTP:T6qQDsWVWEyts/x5tcvEUadP

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a67db0aadb47dbd83ba1e9788a8872239c18d146e93158b0874d946976959f55

a67db0aadb47dbd83ba1e9788a8872239c18d146e93158b0874d946976959f55.zip
.zip

Password: infected
a67db0aadb47dbd83ba1e9788a8872239c18d146e93158b0874d946976959f55
.exe windows:6 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ