c7395af500cf1a7931c8c8566542ffda42c60d9c898850aa9ad359968d060b8e[.]zip

General

Target

c7395af500cf1a7931c8c8566542ffda42c60d9c898850aa9ad359968d060b8e.zip
Size

743KB
MD5

2db50c748921fc5c293e5c179b60bad7
SHA1

9060eda555891070feb7485aec85740c3ee4631c
SHA256

bcbcedc8e5fe363230b599a890298dd667c024c9b2e124aff9fab278b88d1731
SHA512

f882ce890618d0e520500a9b5fd68475ec1b67d1bbf437e4c7790210f22a4abb9c1f95983fb3f9e66691057569db004cc6a7ab619df8c849b8764c4370ac8bb3
SSDEEP

12288:eKNK+0sF363cTsoTPgrAiJyxKs61f3TBUqOr41Dbv040HOZ54:eEK8ucoEorAiJsKZf9Eyv040HE+

Score

N/A

c7395af500cf1a7931c8c8566542ffda42c60d9c898850aa9ad359968d060b8e.zip
.zip

Password: infected
c7395af500cf1a7931c8c8566542ffda42c60d9c898850aa9ad359968d060b8e
.dll regsvr32 windows x64

449b3f8b11c23abaefe8b1973bd6e872

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FlushInstructionCache
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetCurrentProcess

user32

IsWindow
GetKeyboardState
GetDC
ReleaseDC
RedrawWindow
GetSysColorBrush
GetIconInfo

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ