7512236165[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7512236165.zip
Size

162KB
MD5

970fac6c7dd8d70c5085a8a772fbc906
SHA1

c381def05567f94cb015f8777cc9bb213f9ee74c
SHA256

c8e81f88e0d48108b34f4b9ac3d7eca15a586d9934107450446696eb805cb233
SHA512

98f5ffa62be03f9c6a016648d1b5286bb3e8e2b99f624b05174d91bd20a8abf09d5bb67fe0562e37dd51679275ede1b22f889e1fad167de18fff001a20f178f1
SSDEEP

3072:ri3ilS5VB9Hvvqj0d2NPp5W5okImPfts9AP8njazubcDX9czuD82qOw4Z0BF:EpnBJe0OPHWGk/PaABz9X5DcF

Score

N/A

Malware Config

Signatures

Files

7512236165.zip
.zip

Password: infected
3702b5512d3d37bce8f288b800d11743b6f3a280df0d40aa57cd5080dffb1839
.exe windows x86

dffd2a4cac832b6ecfd756371ddd7212

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetConsoleAliasesLengthA
GetConsoleTitleA
InitializeCriticalSection
SetCommConfig
SwitchToFiber
Sleep
GetCalendarInfoW
IsBadCodePtr
GetStringTypeExW
DnsHostnameToComputerNameW
GetMailslotInfo
SetConsoleTitleA
InterlockedExchange
GetProcAddress
VirtualAlloc
SetStdHandle
SetFileAttributesA
GetAtomNameA
LoadLibraryA
UnhandledExceptionFilter
LocalAlloc
FoldStringW
GetModuleFileNameA
GetDefaultCommConfigA
UpdateResourceW
GetVersionExA
LCMapStringW
DeleteFileA
GetLocaleInfoA
GetComputerNameA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
GetStringTypeW
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
CloseHandle
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

gdi32

GetCharWidthFloatW

winhttp

WinHttpCheckPlatform

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 40.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

dffd2a4cac832b6ecfd756371ddd7212

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

winhttp

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 159KB - Virtual size: 40.0MB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 159KB - Virtual size: 40.0MB

.rsrc
Size: 64KB - Virtual size: 64KB