MDE_File_Sample_1e50c34ea352ebeb822ad84c89846be424a2648e[.]zip

General

Target

MDE_File_Sample_1e50c34ea352ebeb822ad84c89846be424a2648e.zip
Size

78KB
MD5

7b06e2b4008fdc57ea85cc0af09da745
SHA1

7b5d9ae0ffd93d815910b76869ce9228fc839590
SHA256

e868cc99796be11a2c0c0753911a804beed1f3d1d2a51b0161c86de10aafc714
SHA512

08985b4188d71661173d39483de30f66b426faf87b3602a619e378557903cf8ee75eecefc29a0d63badbba9aa5ba7efb240c110e680c68d425f63415c0a0d7c1
SSDEEP

1536:Ne+tm8jkjAJ8cKdkRqIw+onI8rpZZnyiQF9T2tUBIWLzWdHm54bw67k0I4/YbF:Ne+g8Qj0MWYJrtATJiw67t/Y5

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mvms.exe

MDE_File_Sample_1e50c34ea352ebeb822ad84c89846be424a2648e.zip
.zip

Password: infected
mvms.exe
.exe windows:4 windows x86 arch:x86

14610dd0ebbc796a9a3a2ba2cdd24e79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxW

Sections

.text
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE