b3cb37a3a43a6a0cec09c23591fb314a697f3177[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

b3cb37a3a43a6a0cec09c23591fb314a697f3177.zip
Size

185KB
MD5

eb497beb3e11ff6ee1d3847609ad95ae
SHA1

5a298197cdc3856f26e7ca91337e09bb42a3c25a
SHA256

acbaa52972176317e8b35ea3750acccee1af5c2cdeb92e449a3c1ec5bc5c6b0c
SHA512

b8a58499320c8852d20c13514b497e4c1697a84f5fed8627eeac87ae79db95ab5a3dbe9694fe081fb7fe3285476ac4a962e9b55ecf1c6fa526dfcca31e7ab5a2
SSDEEP

3072:+B1i6HfR3lJhe6wQQejf/SoeevyxEfw74jcPGgqv3pqFcGi:+BEkf1vrnXjf/rvyxdmcpqvIFcH

Score

N/A

Malware Config

Signatures

Files

b3cb37a3a43a6a0cec09c23591fb314a697f3177.zip
.zip

Password: infected
b3cb37a3a43a6a0cec09c23591fb314a697f3177.rl
.exe windows x86

Password: infected

f77fefbdb57e5e3bfb640c1de800e4bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsW
DosDateTimeToFileTime
CreateNamedPipeW
ReplaceFileW
CreatePipe
GetCalendarInfoA
IsValidLocale
GetLogicalDriveStringsA
EnumCalendarInfoA
GetACP
GetCurrentThread
CreateFileMappingA
SetLocaleInfoW
GetProcAddress
GetFileTime
GetModuleHandleA
GetSystemDirectoryA
lstrcpynA
GetUserDefaultLCID
EnumTimeFormatsA
lstrcpyW
CopyFileA
GetFullPathNameW
GetEnvironmentVariableW
OpenSemaphoreW
GetCommandLineA
lstrlenW
FileTimeToLocalFileTime
OpenMutexW
IsBadReadPtr
GetCurrentDirectoryW
CreateFileW
lstrcatA
FindAtomW
GetSystemInfo
CopyFileExW
GetLogicalDriveStringsW
GetTempPathA
ExpandEnvironmentStringsA
OpenSemaphoreA
GetSystemDirectoryW
GetWindowsDirectoryW
GetFullPathNameA

user32

GetMessageW
CharPrevA
DialogBoxIndirectParamA
GetClassInfoExW
GetMenuState
SetWindowTextW
LoadImageA
GetWindowTextLengthW
RegisterClassA
PostQuitMessage
GetDC
CreateDialogParamA
GetScrollPos
GetActiveWindow
InsertMenuA
GetWindowLongW
DestroyCursor
ActivateKeyboardLayout
CopyIcon
SetMenu
DrawTextA
DrawTextW
DefFrameProcA
GetCapture
GetMenuInfo
GetWindowTextA
GetCursorPos
GetSysColorBrush
SetActiveWindow
MonitorFromWindow
SetParent
CreatePopupMenu
LoadMenuW
UnregisterClassW
wsprintfW
GetForegroundWindow
GetMenuItemRect
GetKeyboardLayout
CreateAcceleratorTableA
ChildWindowFromPoint
SetCursor
LoadIconW
MessageBoxW
GetMenuStringW

gdi32

SetColorSpace
Arc
EqualRgn
GetStockObject
AnimatePalette
GetTextMetricsW
EnumObjects
GetNearestColor
CreateFontIndirectExA
GetSystemPaletteEntries
GetMetaFileA
GetGlyphIndicesW
GetCharABCWidthsFloatA
ExtTextOutA
GetEnhMetaFileHeader
FillRgn
EnumFontsA
CopyMetaFileW
ScaleWindowExtEx
GetRegionData

advapi32

RegSaveKeyA
RegFlushKey
RegCreateKeyW

comdlg32

PrintDlgW
PageSetupDlgW
GetSaveFileNameW
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

wininet

InternetOpenUrlW
ParseX509EncodedCertificateForListBoxEntry
SetUrlCacheHeaderData
HttpOpenRequestA
SetUrlCacheEntryGroupA
HttpSendRequestW
PrivacyGetZonePreferenceW
FindNextUrlCacheEntryExW
ShowCertificate

winmm

WOW32DriverCallback
midiInGetErrorTextW
midiStreamOut
mciGetDriverData
waveInGetErrorTextW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.v
Size: 512B - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WmM
Size: 512B - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DP
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xjFSqv
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FsGjd
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.az
Size: 512B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IQSQLw
Size: 1024B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lUI
Size: 1024B - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f77fefbdb57e5e3bfb640c1de800e4bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

wininet

winmm

Sections

.text Size: 13KB - Virtual size: 12KB

.v Size: 512B - Virtual size: 41KB

.WmM Size: 512B - Virtual size: 45KB

.DP Size: 512B - Virtual size: 16KB

.xjFSqv Size: 4KB - Virtual size: 12KB

.FsGjd Size: 512B - Virtual size: 37KB

.az Size: 512B - Virtual size: 31KB

.data Size: 11KB - Virtual size: 11KB

.IQSQLw Size: 1024B - Virtual size: 13KB

.lUI Size: 1024B - Virtual size: 162KB

.rsrc Size: 164KB - Virtual size: 164KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.v
Size: 512B - Virtual size: 41KB

.WmM
Size: 512B - Virtual size: 45KB

.DP
Size: 512B - Virtual size: 16KB

.xjFSqv
Size: 4KB - Virtual size: 12KB

.FsGjd
Size: 512B - Virtual size: 37KB

.az
Size: 512B - Virtual size: 31KB

.data
Size: 11KB - Virtual size: 11KB

.IQSQLw
Size: 1024B - Virtual size: 13KB

.lUI
Size: 1024B - Virtual size: 162KB

.rsrc
Size: 164KB - Virtual size: 164KB

.reloc
Size: 1KB - Virtual size: 1KB