General

Malware Config

Signatures

Files

• 7693936146.zip

  .zip

  Password: infected

• 368b61ca6fcbc7530070f83c65137ff710f5a7d3e43d931b542da38089afa505

  .iso
• 7287387845476394829823.dll

  .dll windows x64

  1785537dc126733cd6aebe3ac5dec761

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  imm32

  ImmGetOpenStatus

  ImmEnumRegisterWordA

  ImmSetConversionStatus

  ImmGetCandidateListCountW

  ImmGetDefaultIMEWnd

  ImmSetCandidateWindow

  ImmConfigureIMEA

  ImmInstallIMEW

  gdi32

  GetOutlineTextMetricsW

  GetFontData

  FixBrushOrgEx

  GetEnhMetaFileHeader

  msvfw32

  ICRemove

  ICOpenFunction

  ICDecompress

  ICImageCompress

  ICImageDecompress

  rasapi32

  RasGetErrorStringA

  RasHangUpA

  RasGetProjectionInfoA

  RasValidateEntryNameA

  RasSetAutodialEnableW

  RasGetAutodialParamA

  RasSetAutodialParamW

  RasGetLinkStatistics

  RasFreeEapUserIdentityA

  Exports

  Exports

  F2b5Md

  KPtl5F4

  PlgkyDRu

  UdEntMae

  XDvip2

  YESX4c17CWf

  a3d1WDV

  bqBCbWafp

  dob9IAqza

  hYtbmfgVoG

  ijniuashdyguas

  jpbal80R

  kdAcrG

  lpcPSgaWRP

  lxc7Ax

  mbpOZisWu

  nNPDCdMs

  oHOdZvMg

  osGQAy6nO

  sztDIkOA

  zcmXYrUe

  Sections

  .text

  Size: 19KB - Virtual size: 18KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 654KB - Virtual size: 653KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• Case.pdf

  .pdf
• Case.pdf.lnk

  .lnk
• HDFcvLHBhKEQvBlli.ps1

  .ps1