1c7787b9440e1831958e911d164064869f45e254a0a3cdc53d9ef70b1bfc7dd3

Resubmissions

09-11-2024 17:20

09-11-2024 14:21

Target

1c7787b9440e1831958e911d164064869f45e254a0a3cdc53d9ef70b1bfc7dd3
Size

1.2MB
MD5

d578645f073f91a510a5310727891da5
SHA1

4d18aef7bbb41099f84544c1b44597912cf2365e
SHA256

1c7787b9440e1831958e911d164064869f45e254a0a3cdc53d9ef70b1bfc7dd3
SHA512

6aef4b711df2503215e4722f57eac2f986e4820fb52b5eff280ac6768a7b50a6acf6f8dda2bb455ef3f263a12864df57d9f005035f86b621ff7f44164b22b0ee
SSDEEP

24576:RHd0Wk9/OG1xlMZH7coVjFCHrDKWmKWlIieiNx+7Ja1ZM4tHZSQwJj:R90Wk9WWlmbjWHKXnlIhirdDMOm

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/FEDEX TRN 771893954554.exe

1c7787b9440e1831958e911d164064869f45e254a0a3cdc53d9ef70b1bfc7dd3
.zip

Password: infected
46ebeef0d2744f31a16c27b26e21eef38e687441e3121f75986127a4f93a5d4d.img
.iso

Password: infected
FEDEX TRN 771893954554.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ