816fdd72e167b3583dc4eed77023b72bedaf47f6be9e5d66bb7a19aa64bbff12[.]zip

General

Target

816fdd72e167b3583dc4eed77023b72bedaf47f6be9e5d66bb7a19aa64bbff12.zip
Size

1.4MB
MD5

cca1f0f1b65d9c2e17071966cd67eb52
SHA1

70740eb71e88d39ebf9d965faf466abc1c70bade
SHA256

e0586da942d52268f10c9d12fb77039f95e04c85dd21cb520df171bd817cf6fc
SHA512

f8726f13da23e96e30058823a3c11633f2678e9fdf1d4cd66eb48ad38b6fd4f5ba0cb27ba443b4e761d17196ed948cd63d3817d92ec57af5f5a35c2076c0f0eb
SSDEEP

24576:J+8dP7ipX6a0iV5tJai6HCrYWfkaHT0l6Oo0AvFxYNvFjIL99NLT0gk:ZdP7ipXP/Y+T0XKFx4djILvNLYgk

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/816fdd72e167b3583dc4eed77023b72bedaf47f6be9e5d66bb7a19aa64bbff12.exe

816fdd72e167b3583dc4eed77023b72bedaf47f6be9e5d66bb7a19aa64bbff12.zip
.zip

Password: infected
816fdd72e167b3583dc4eed77023b72bedaf47f6be9e5d66bb7a19aa64bbff12.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ