c:\Users\Hp\AppData\Local\Temp\bin_copy\obj\Debug\Obfuscated Name.pdb
Static task
static1
1 signatures
General
-
Target
c1b33d9ce977f2a7c8577c0b88a45b5bd309f7cc73d5f68151d5d4e5aa10a523.zip
-
Size
2.9MB
-
MD5
df64dfa9c41bfe6f2696c56c4b083164
-
SHA1
1dbef8fbd000578ac3d114555b0c393258858330
-
SHA256
c67bdb1376d2c814b209d17cac6750a7177e6a0937607ca014c29aa5ebc7aa2a
-
SHA512
c7818c7cb0bae461776dcc5b4805c0762a514b3dd296621b36feb01227e5a77daa54ffa50bbc272bd7f58bd7a03b542f557caded9226ecf47102f216106569bd
-
SSDEEP
49152:fqldE1+XL7lDUVt/ATV9ggjgBpuw1bVrBaFow3BDlzGmurHvImyI:ilk+tDUVt/ATVCawTrBeok1GmuzvcI
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/c1b33d9ce977f2a7c8577c0b88a45b5bd309f7cc73d5f68151d5d4e5aa10a523.exe
Files
-
c1b33d9ce977f2a7c8577c0b88a45b5bd309f7cc73d5f68151d5d4e5aa10a523.zip.zip
Password: infected
-
c1b33d9ce977f2a7c8577c0b88a45b5bd309f7cc73d5f68151d5d4e5aa10a523.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ