7545916155[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7545916155.zip
Size

144KB
MD5

f0dbf8defaa200d01571a84f73ffb615
SHA1

e85085d3f50d0128c7b3eebf96b95bb690f505f1
SHA256

af2bdcb67b12da634eebb5783619cd4f87230999fe61ea70dfe91030984bfbf1
SHA512

799d150fa4a1dfec6cd66e22de7b1844c1c38885c8287661435432e32d0cc567266cc764fc0e98d93340d62c4999b25a062ae1b9913e4e651964685274160748
SSDEEP

3072:MemXXthGTZMNUAERdOtxHC1w6b/l21gfACBTtPya78OB08t:CXSTZLFsHCxNugIghPya4OS8t

Score

N/A

Malware Config

Signatures

Files

7545916155.zip
.zip

Password: infected
f8a2e41ea8ca0e998bcd54d8256cb538b1e32cec4e80eb810e8df003427b886b
.exe windows x86

b6dc566a06bc77ef1171b0a7f77611f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFlags
GlobalAlloc
LoadLibraryW
InterlockedPopEntrySList
LeaveCriticalSection
WriteConsoleW
GetMailslotInfo
GetVolumePathNameA
lstrlenW
GetConsoleAliasesW
GetCPInfoExW
FillConsoleOutputCharacterW
GetLongPathNameW
SetLastError
WriteProfileSectionA
LoadLibraryA
IsWow64Process
MoveFileA
GetModuleFileNameA
GetConsoleTitleW
VirtualProtect
GetFileAttributesExW
SetCalendarInfoA
GetFileInformationByHandle
CreateFileW
HeapSize
SetConsoleTextAttribute
WriteConsoleOutputCharacterA
GetConsoleAliasesLengthW
SetStdHandle
FreeResource
FlushFileBuffers
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
HeapFree
IsProcessorFeaturePresent
EnterCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
RaiseException
RtlUnwind
MultiByteToWideChar
LCMapStringW
GetStringTypeW
HeapReAlloc
CloseHandle

user32

ClientToScreen

gdi32

GetTextExtentExPointA

advapi32

IsTokenRestricted
ClearEventLogW

ole32

CoFileTimeNow

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b6dc566a06bc77ef1171b0a7f77611f6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 165KB - Virtual size: 165KB

.data Size: 25KB - Virtual size: 289KB

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 165KB - Virtual size: 165KB

.data
Size: 25KB - Virtual size: 289KB

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 6KB - Virtual size: 6KB