d2ec308c83a3256727c6045efb99ea27a19ee06d2966083a0bf99b3300106712[.]zip

General

Target

d2ec308c83a3256727c6045efb99ea27a19ee06d2966083a0bf99b3300106712.zip
Size

1.6MB
MD5

6e3d303d7e5304c5284fee32542fcf58
SHA1

49ebe277f1a1a80810c163fd87c34a51e2c5524c
SHA256

0a043f9c6870e66e32f9172f543d24a55b1d26ce062824ac2c3f852decadb80a
SHA512

ff9f7ff8a5228d79ea424bc6b384edc09e17b49abf65b0650c1c55f4bd39016587072a01c5157705d84890d263a32248308e8b8eec88f4ce52855dfe73c83b85
SSDEEP

49152:avSovbNI3xYintZOsb5gbG9DF+0AAprjIhG:aqovOKindlgC9D80aG

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d2ec308c83a3256727c6045efb99ea27a19ee06d2966083a0bf99b3300106712.exe

d2ec308c83a3256727c6045efb99ea27a19ee06d2966083a0bf99b3300106712.zip
.zip

Password: infected
d2ec308c83a3256727c6045efb99ea27a19ee06d2966083a0bf99b3300106712.exe
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cbheetbk
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

clttepxk
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE