7507966150[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7507966150.zip
Size

156KB
MD5

3a76f1212040ea6b2fb5d4ff301406f5
SHA1

00ea32beeef49e32d47110f8dfdfd47c94e544cd
SHA256

a2ee28f1dc5f23581eac4565a5dc4da46b2672efb0baecb44fd8bddaa905ca2f
SHA512

cb94ce38f21a441ac784cec43c6a68a79a7b1edc7a1a550237445d3a89ddab6724bd8d3a9a579cb3c2f21787d59dee5ccb32fe4bc72f730a2cfa12de58867dcf
SSDEEP

3072:ymZx2Yp4Fk4zxWfzkUOvezy2Q6+0gQMRG/vxfq478eUIXRFn8BhVTk2XsM4xt:yWbik4zxMkjv/j0bMRGXxBd/RZQat

Score

N/A

Malware Config

Signatures

Files

7507966150.zip
.zip

Password: infected
01db498ca06dabda123034895818aadcab386b758e5b468eb9847b83ba001286
.exe windows x86

f7a1bb6a2d02ab5f55829d55429fb196

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeA
MoveFileExA
InterlockedDecrement
WaitNamedPipeA
SetVolumeMountPointW
GetComputerNameW
GetConsoleAliasesLengthA
ReadConsoleW
SetFileTime
SetCommTimeouts
InitializeCriticalSection
SwitchToFiber
HeapValidate
GetAtomNameW
GetMailslotInfo
CreateActCtxA
CreateMailslotW
SetConsoleTitleA
VerifyVersionInfoW
GetStdHandle
GetLongPathNameW
GetProcAddress
VirtualAlloc
CreateMutexW
CopyFileA
EnterCriticalSection
LoadLibraryA
WriteConsoleA
UnhandledExceptionFilter
LocalAlloc
DnsHostnameToComputerNameA
GlobalGetAtomNameW
GetModuleFileNameA
GetDefaultCommConfigA
LoadLibraryExA
GetConsoleTitleW
GetFileTime
SetCalendarInfoA
GetVersionExA
GetVolumeNameForVolumeMountPointW
GetFileInformationByHandle
LocalFree
WriteProcessMemory
EnumSystemLocalesW
SetFileAttributesW
LCMapStringW
PeekConsoleInputW
GetSystemDefaultLangID
WideCharToMultiByte
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
DeleteCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
GetStringTypeW
GetModuleHandleW
ExitProcess
WriteFile
HeapAlloc
HeapCreate
VirtualFree
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
SetHandleCount
GetFileType
SetFilePointer
CloseHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleW
CreateFileA

gdi32

GetCharWidthFloatA

winhttp

WinHttpCloseHandle

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f7a1bb6a2d02ab5f55829d55429fb196

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

winhttp

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 33KB - Virtual size: 2.1MB

.rsrc Size: 47KB - Virtual size: 47KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 33KB - Virtual size: 2.1MB

.rsrc
Size: 47KB - Virtual size: 47KB