9f3c1668ee44bfcd1afd599215f5bd73c76609776b78cb04bb6ef1121cc80d37[.]zip

Resubmissions

14/03/2022, 17:54

220314-wgxvtaafb4 8

Sharing

Copy URL

Twitter E-mail

General

Target

9f3c1668ee44bfcd1afd599215f5bd73c76609776b78cb04bb6ef1121cc80d37.zip
Size

238KB
MD5

6989541abb96371dd6b6b52ff743e087
SHA1

0b65120ceb6bff231a3beadee9f4a8dfe66553ff
SHA256

778d299fe06212fbad37d912ddf1157085fe6629c18cdc73567dd717d91b890f
SHA512

284b52f24e515b9a54716bfb7c32d89d772deb9985e7cd913e56ca08023134d582e1718d44b156c5a94fe18e64ddfca87bbca553a25795c6bc736a5124ada7e7

Score

N/A

Malware Config

Signatures

Files

9f3c1668ee44bfcd1afd599215f5bd73c76609776b78cb04bb6ef1121cc80d37.zip
.zip

Password: infected
9f3c1668ee44bfcd1afd599215f5bd73c76609776b78cb04bb6ef1121cc80d37.exe
.exe windows x64

5fc54744cef988b57c81266931fa99ba

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHEmptyRecycleBinA

advapi32

OpenSCManagerA
CryptGenRandom
CryptAcquireContextW
CloseServiceHandle
ControlService
EnumDependentServicesA
QueryServiceStatusEx
OpenServiceA
CryptReleaseContext

rstrtmgr

RmStartSession
RmEndSession
RmRegisterResources
RmGetList

mpr

WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
WNetGetConnectionW

kernel32

lstrcpyW
FlushFileBuffers
HeapSize
WriteConsoleW
HeapReAlloc
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
WaitForSingleObject
lstrlenW
CreateSemaphoreA
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetDriveTypeW
GetVolumePathNamesForVolumeNameW
CloseHandle
GetLastError
Sleep
GetCurrentProcess
TerminateProcess
OpenProcess
GetTickCount
GetProcAddress
lstrcmpW
SetVolumeMountPointW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
MultiByteToWideChar
GetCurrentThreadId
CreateFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileSizeEx
GetLogicalDrives
ReadFile
SetFileAttributesW
SetFilePointerEx
WriteFile
CreateMutexW
OpenMutexW
WaitForMultipleObjects
GetCurrentProcessId
CreateThread
ExitThread
SetProcessShutdownParameters
GetSystemInfo
FreeLibrary
lstrcmpiW
lstrcatW
MoveFileExW
WideCharToMultiByte
MoveFileW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FormatMessageA
GetStringTypeW
LocalFree
EncodePointer
DecodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEndOfFile
RtlPcToFileHeader
RaiseException
RtlUnwindEx
LoadLibraryExW
GetTimeZoneInformation
GetCommandLineA
GetCommandLineW
DeleteFileW
GetFileType
GetConsoleOutputCP
GetConsoleMode
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

5fc54744cef988b57c81266931fa99ba

Code Sign

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

rstrtmgr

mpr

kernel32

Sections

.text Size: 360KB - Virtual size: 359KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 6KB - Virtual size: 18KB

.pdata Size: 14KB - Virtual size: 14KB

_RDATA Size: 512B - Virtual size: 148B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 360KB - Virtual size: 359KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 6KB - Virtual size: 18KB

.pdata
Size: 14KB - Virtual size: 14KB

_RDATA
Size: 512B - Virtual size: 148B

.reloc
Size: 4KB - Virtual size: 3KB