7738426258[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7738426258.zip
Size

226KB
MD5

170e727154503880abee16de87b2b7c6
SHA1

b5703e38017b117f07016aa24cd5e3f8f1ff2225
SHA256

71aed22dad72edfbde89027a6b8493823ce54b97982e2a08afc3e7b7c774ef8e
SHA512

bad9b57ffe873fe0d124ee940465e50e37d4e53f0e5ddc3cf7304c34e0503c16ca12f3f3e597da99c6b065298a233320b71290ac071127e461be72ae7fa2bc09
SSDEEP

6144:cLEnSdeYF/JYGG4NckhBNXiasz/TCN3JdOwnvEdRPj:pqFqIZR1mOTd1vaPj

Score

N/A

Malware Config

Signatures

Files

7738426258.zip
.zip

Password: infected
408350d5ec3b95b75b24c7b37129c3b1761da78525c1cf65c561dc798f966f72
.exe windows x86

Password: infected

3f1d6a4ed684b8e744f272f18aebd5ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
GetVersionExW
GetConsoleCP
GetConsoleAliasesLengthA
VerLanguageNameW
FindFirstFileExA
GetDriveTypeA
FreeEnvironmentStringsA
GetProcessPriorityBoost
SetVolumeMountPointW
GetLongPathNameA
CopyFileW
TlsSetValue
SetConsoleCursorInfo
LocalHandle
TzSpecificLocalTimeToSystemTime
FindAtomW
ReleaseSemaphore
GetNamedPipeHandleStateA
SetThreadPriorityBoost
BuildCommDCBAndTimeoutsA
GetProcAddress
GetModuleHandleA
LocalAlloc
LocalReAlloc
GetCommandLineA
InterlockedExchange
DeleteFileA
CreateActCtxA
SetPriorityClass
GetProcessHeap
GlobalUnWire
ReadConsoleOutputCharacterA
GetStartupInfoA
GetDiskFreeSpaceExA
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetLastError
GetProfileStringW
GetCalendarInfoW
GetProfileStringA
SetLastError
GetStringTypeExA
DebugBreak
GetPrivateProfileSectionW
lstrcmpW
ReadFile
GetConsoleMode
GetThreadSelectorEntry
lstrcatW
CreateActCtxW
GetMailslotInfo
TerminateThread
DefineDosDeviceW
EndUpdateResourceW
WriteConsoleA
GetPrivateProfileStructW
TryEnterCriticalSection
HeapLock
PeekConsoleInputA
GetTapeStatus
CreateSemaphoreW
FindResourceExW
SetLocalTime
CreateSemaphoreA
GetOverlappedResult
SetThreadLocale
SetFileShortNameA
lstrcpyA
UnlockFile
GetConsoleAliasW
GetConsoleAliasExesLengthW
EnumDateFormatsW
CancelDeviceWakeupRequest
ResetWriteWatch
GetNumberOfConsoleInputEvents
LoadLibraryA
TlsGetValue
OpenMutexA
GetComputerNameW
HeapFree
OpenMutexW
SignalObjectAndWait
SetEndOfFile
FindClose
PostQueuedCompletionStatus
AreFileApisANSI
SetWaitableTimer
EnumResourceNamesW
GetProcessTimes
FatalAppExitA
lstrcpynW
GetNamedPipeInfo
FillConsoleOutputCharacterA
GetCompressedFileSizeW
FindNextVolumeMountPointW
GetFullPathNameW
WriteProfileStringA
GetLogicalDrives
GlobalAddAtomW
TerminateJobObject
QueryDosDeviceW
LeaveCriticalSection
Process32NextW
SetCurrentDirectoryW
GetBinaryTypeW
FileTimeToLocalFileTime
CallNamedPipeW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleW
ExitProcess
MoveFileA
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
HeapValidate
IsBadReadPtr
GetStringTypeW
TlsAlloc
GetCurrentThreadId
TlsFree
GetStdHandle
WriteFile
OutputDebugStringA
WriteConsoleW
GetFileType
OutputDebugStringW
LoadLibraryW
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
GetLocaleInfoA
GetStringTypeA
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
SetFilePointer
GetLocaleInfoW
SetStdHandle
GetConsoleOutputCP
CloseHandle
CreateFileA

advapi32

AbortSystemShutdownW

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bomoru
Size: 512B - Virtual size: 5B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10.9MB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

3f1d6a4ed684b8e744f272f18aebd5ea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 267KB - Virtual size: 267KB

.data Size: 35KB - Virtual size: 102KB

.bomoru Size: 512B - Virtual size: 5B

.rsrc Size: 22KB - Virtual size: 22KB

.reloc Size: 10.9MB - Virtual size: 15KB

.text
Size: 267KB - Virtual size: 267KB

.data
Size: 35KB - Virtual size: 102KB

.bomoru
Size: 512B - Virtual size: 5B

.rsrc
Size: 22KB - Virtual size: 22KB

.reloc
Size: 10.9MB - Virtual size: 15KB