7991976155[.]zip

General

Target

7991976155.zip
Size

1.7MB
MD5

6513227c631b99ff7954611dae63aec0
SHA1

7abe610537a832ed506713d4d76904c3b1761af1
SHA256

fb4d8eab720bfa491d4cd6dc732bb6d2f74c77a37c8056d7eafdb7a01bcba3bd
SHA512

d1d745e45ce29a1c889331307229af85ce0dd37522fe4da7b408ca29bf6b448952cab09ad6d6dfad87d9c01567e3823fa726d1504934e5ee118a549a94063850
SSDEEP

49152:2jvkPJP3kYN+nnb3ikBoD6BGcbDrNEKcKXVG2Y:2jvwN3kRnb3ikBTxbVLm

Score

N/A

Malware Config

Signatures

Files

7991976155.zip
.zip

Password: infected
ad1a90f2f253a9adf45be85682d7b44994ab4e8ceafc1a5805316c39c803ccc8
.iso
9n3.dll
.dll windows x64

2dd36b0d9aa438043b5c7c7e8350d53a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVolumeNameForVolumeMountPointW
HeapAlloc
HeapFree
GetProcessHeap
Sleep
ExitProcess
GetCurrentThreadId
SetProcessShutdownParameters
GetProcessHandleCount
GetThreadIOPendingFlag
VirtualProtect
VirtualAllocEx
GetModuleFileNameA
GetModuleHandleExA
GetProcAddress
FatalExit
FormatMessageA
_llseek
LoadLibraryA
LoadLibraryW
EnumResourceNamesW
GetProfileStringA
WriteProfileSectionW
ReadConsoleInputA
AddConsoleAliasW

user32

ToUnicodeEx
DrawAnimatedRects
PostMessageA
GetClassInfoA
PrintWindow
GetWindowPlacement
AnyPopup
GetDlgItem
CharUpperBuffA
OemKeyScan
ShowScrollBar
RegisterShellHookWindow
LoadBitmapW
CreateIconIndirect
IsDialogMessageA
GetWindowModuleFileNameA
GetAltTabInfoW

Exports

Exports

IternalJob
SetPath

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
document.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

Password: infected

2dd36b0d9aa438043b5c7c7e8350d53a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 1.2MB - Virtual size: 1.2MB

.pdata Size: 512B - Virtual size: 276B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 1.2MB - Virtual size: 1.2MB

.pdata
Size: 512B - Virtual size: 276B

.rsrc
Size: 2KB - Virtual size: 1KB