437945c89a32a31cd1ce1b71b24e850af688e7b16ca5e9986568cf473cbd5bfd[.]zip

General

Target

437945c89a32a31cd1ce1b71b24e850af688e7b16ca5e9986568cf473cbd5bfd.zip
Size

611KB
MD5

c3baf17cc3323db00e07a7ac1825e3f8
SHA1

5b3c7dac25ac2ff4bec9778e5e3319f445abf4f0
SHA256

d1faa8e683871b743533689235f0c6bb7d8a94a384af0277b3139d19c058a038
SHA512

f9f0de06c2f297af3fe8fb1859a22169dc391f6a06e8835bcc231a07833ddd764addc2d5783ba875981ba223948efb978970b87577d47c36aad306fd761349c0
SSDEEP

12288:VxKkUYjuseOno7oxnXKEirWoeaPNnbkRRoAyGnd644MWSQ:VxEYj7o05KVeSJkRZ56lMLQ

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PAYMENT_CONFIRMATION.exe

437945c89a32a31cd1ce1b71b24e850af688e7b16ca5e9986568cf473cbd5bfd.zip
.zip

Password: infected
437945c89a32a31cd1ce1b71b24e850af688e7b16ca5e9986568cf473cbd5bfd.img
.iso
PAYMENT_CONFIRMATION.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 856KB - Virtual size: 855KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ