General

Malware Config

Signatures

Files

• core.zip

  .zip

  Password: infected

• cmd.bat
• license.dat
• ordinary_64.tmp

  .dll windows x64

  Password: infected

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Exports

  Exports

  EBlotj

  FtwNY7yt0

  GpaJyj1nA

  IC985wEp8

  URzoFnTx5

  ZkRO76NXgO

  hDfsudjfmD

  hasdnuhas

  hub7Qo

  ltg157

  n8FjZV

  okD7Fh3kev

  wgVQeZ7HO2f

  Sections

  .text

  Size: 16KB - Virtual size: 15KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 503KB - Virtual size: 503KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• pony_.tmp

  .dll windows x64

  Password: infected

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Exports

  Exports

  BoFgxrwGw

  CcA91h1yfiY

  Eun2g3TJUu

  ShqeSpvG39B

  dNNfCs

  dgOUiMYpPQ

  eAWbxZ

  kqr0AIK

  ltYXKGE1Gc

  pSaqvJ8

  rCwqkH6O

  shgdhzggdsgh

  xTNgSYh2S

  Sections

  .text

  Size: 15KB - Virtual size: 14KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 503KB - Virtual size: 503KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ