8279698a527f051f71876376d90b7ee29ed6ed65288d3adb9f8d0201284f67d9

General

Target

8279698a527f051f71876376d90b7ee29ed6ed65288d3adb9f8d0201284f67d9
Size

68KB
MD5

961cf5865d5742869c4595790b6eb24b
SHA1

ffc072275f741f75dc401ce5f1e59c808b344612
SHA256

8279698a527f051f71876376d90b7ee29ed6ed65288d3adb9f8d0201284f67d9
SHA512

56923c01469b9f83e4557d43dc9359ee9ec6f6c61f00422dae3e21aeaa1c023f4402ef23559f4f749d9b04dedd197f28577116fa51740cc9976b20884e683f01
SSDEEP

1536:tySArc6TrNnfIx2uQBjrbhooHpH+PWAarzfSxsb1tB5abYEr5:rArc6TrNUyNVooHlUWAarsUXabP

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7C99F31D305176ADE5D0EB2CF219333E4B9DA02BF01E9794BA00421B1E23001F

8279698a527f051f71876376d90b7ee29ed6ed65288d3adb9f8d0201284f67d9
.zip

Password: infected
7C99F31D305176ADE5D0EB2CF219333E4B9DA02BF01E9794BA00421B1E23001F
.exe windows:5 windows x86 arch:x86

f86dec4a80961955a89e7ed62046cc0e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\crysis\Release\PDB\payload.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetLastError
EnterCriticalSection
ReleaseMutex
CloseHandle

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE