3947367_protected[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

3947367_protected.zip
Size

2.1MB
MD5

e1379b115942410181a38c0e2357675e
SHA1

538570c5910267ed8ee7b256f74d4d3aff63b78d
SHA256

c8b10bc88d18969c4cbe1cc9a879ffcc45427a6f8e69aed1ff5e0e350d6313ce
SHA512

c0fcede58b39a93fa4b29a6b8fa0a315fe76355914523494737490af630fde0fccd8fd577917bd5b914037fddca2c48dba85559ed7d63ed4eda2124f8f5c0fd5
SSDEEP

24576:TZRBfOWsUEn7e7xTl3MpzqS4fSprGSKrIRBJT/Lb4rky5+Fc3fHnB/3FRKJc5AFt:TXBmWsMcpO+qWTIh+WgJyAsp/srW6r

Score

N/A

Malware Config

Signatures

Files

3947367_protected.zip
.zip

Password: infected
771E310A5C08E870D428A7F5DB6F62FCAFEE1C94
771E310A5C08E870D428A7F5DB6F62FCAFEE1C94_decoded.bin
.dll windows x64

Password: infected

3e98d4e51a6f530484e3c5171150fa60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateSemaphoreW
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
RaiseException
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_filelengthi64
_fileno
_fstat64
_initterm
_lock
_lseeki64
_unlock
_wfopen
abort
calloc
fclose
fflush
fgetpos
fopen
fputc
fputs
fread
free
fsetpos
fwrite
getc
getwc
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
putc
putwc
realloc
setlocale
setvbuf
strcmp
strcoll
strerror
strftime
strlen
strncmp
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm
_write
_read
_fileno
_fdopen
_close

Exports

Exports

CPlApplet

Sections

.text
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
771E310A5C08E870D428A7F5DB6F62FCAFEE1C94_decoded_meta.bin

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

3e98d4e51a6f530484e3c5171150fa60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 692KB - Virtual size: 692KB

.data Size: 283KB - Virtual size: 282KB

.rdata Size: 62KB - Virtual size: 61KB

.pdata Size: 43KB - Virtual size: 42KB

.xdata Size: 59KB - Virtual size: 59KB

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 101B

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 692KB - Virtual size: 692KB

.data
Size: 283KB - Virtual size: 282KB

.rdata
Size: 62KB - Virtual size: 61KB

.pdata
Size: 43KB - Virtual size: 42KB

.xdata
Size: 59KB - Virtual size: 59KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 101B

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 6KB - Virtual size: 5KB