7997306132[.]zip

General

Target

7997306132.zip
Size

1.7MB
MD5

91b49d8be4f7df8de7fc70a089d2b60a
SHA1

9dee96e688453fa619eb59100ca6be45f716add5
SHA256

f1717d697da8cab2e5bd34462f692158728f7102734efe53381d0b0715977545
SHA512

05c262b7bdd81c638f4abc2f39b5c302ea02775996e8095af0da1cee6f0c8b3c83cbe049ad5771e211fb7e04eb77111b8304d7b81a022c74fb174db7531a389a
SSDEEP

49152:YQl9JYKpOmN7ucGwTz2APLZqSpu1GdMnlAjdTMR:Pl9JYKkJqPPLkSpucdMlA9MR

Score

N/A

Malware Config

Signatures

Files

7997306132.zip
.zip

Password: infected
4518b5c65eb93ff1e31024f61e25569a9903753816d50e7258722bb608e3cf1b
.iso
document.lnk
.lnk
tar.dll
.dll windows x64

83d7be251e807bf33907343bde19bf25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVolumePathNameW
WriteFileEx
HeapAlloc
HeapFree
GetProcessHeap
CancelWaitableTimer
Sleep
ExitProcess
GetCurrentThreadId
OpenThread
ExitThread
ProcessIdToSessionId
VirtualProtect
VirtualAllocEx
GetModuleFileNameA
GetModuleHandleExA
GetProcAddress
SetupComm
SetCommState
TransmitCommChar
LoadLibraryA
LoadLibraryW
GetVolumeInformationA
SetDefaultCommConfigA
GetVolumePathNamesForVolumeNameA
GetCurrencyFormatW

user32

SetUserObjectSecurity
SendMessageW
SetWindowPos
GetClipboardSequenceNumber
CharToOemBuffA
GetKeyNameTextW
MsgWaitForMultipleObjectsEx
GetMenuStringA
DrawStateA
SetForegroundWindow
SetWindowTextA
AdjustWindowRect
MapWindowPoints
LoadCursorFromFileW
CascadeWindows
SystemParametersInfoW
GetCursorInfo
DdeCmpStringHandles

Exports

Exports

IternalJob
SetPath

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 925KB - Virtual size: 925KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

83d7be251e807bf33907343bde19bf25

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 925KB - Virtual size: 925KB

.pdata Size: 512B - Virtual size: 288B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 925KB - Virtual size: 925KB

.pdata
Size: 512B - Virtual size: 288B

.rsrc
Size: 7KB - Virtual size: 7KB