MDE_File_Sample_294abd07b51407d8dc27e0c202050c14dfca6355[.]zip

Sharing

Target

MDE_File_Sample_294abd07b51407d8dc27e0c202050c14dfca6355.zip
Size

37KB
MD5

37b88f1c935e74c8e79adbccc7e58787
SHA1

9e35eda5a76e970dd1454d099b67e76d89de45ad
SHA256

fb34de82d5d178f76bbcdee64782789c80790a72bc4762be00362d319bf548a5
SHA512

5c91f3da50d9cfcc2b9dc87ccc77e3353abf4fa5a2df3d10f0625a2f786cecc7a0334126da03d09e3b8d25a97c543e6c1a8386964b8bb3d80eb82dcff9d0e3e3
SSDEEP

768:Tmp4dFJedaXoMn4DaJpxpak/6S3ltMgg8g9XJq15kIzaL0BOi6e:TmGFHX/Ia7SkIjq1+WaLyOi6e

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/keygen.exe

MDE_File_Sample_294abd07b51407d8dc27e0c202050c14dfca6355.zip
.zip

Password: infected
Keygen-AMPED.rar
.rar

Password: infected
amped.nfo
file_id.diz
keygen.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE