Malware[.]zip | Triage

General

Target

Malware.zip
Size

36KB
MD5

2d134cc7b70ee5cb7617fdff14cb646c
SHA1

183a2d58ce931f45e3408069e70afb2cf645b960
SHA256

42477a75103f698014fc83d5398fb3be3699f82e57719a5805b8d296258c65e0
SHA512

ef0e879fe8b6cca2faed68cec8d014b2ce31d3e75cf5cb4c52e48db70e931fbd231b599d4fd174a9538bb014e12ec8f9efd69b68900db48ad7c60e4a71ee9596
SSDEEP

768:oXSnv00qMAgJMM+pTXdRZqa/xHOlIlxEIAQN6XjJoHmSYG8Loqqmds:oCspMdkpjdRl/xu0xjAY6XjuHRYG8V/s

Score

N/A

Malware Config

Signatures

Files

Malware.zip
.zip
Presentation.lnk
.lnk
atecoolapasp/everlasting.dat
.dll windows x64

e40c51364bab552190f23e8c21b26e05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ReadConsoleInputW
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
SetConsoleOutputCP
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
GetConsoleCP
SetConsoleTextAttribute
SetConsoleWindowInfo
ScrollConsoleScreenBufferW
ReadConsoleOutputW
SetConsoleTitleW
GetConsoleDisplayMode
GetConsoleMode
VirtualAlloc
CreateEventA
SetConsoleCursorPosition
WaitForSingleObject

gdi32

FixBrushOrgEx
GetFontData
CreateICW
GetTextAlign

uxtheme

IsThemeDialogTextureEnabled
DrawThemeEdge

Exports

Exports

DaUIghEBlHnSYhYU
ItbdHhPjyJvrgMX
JQDKSYoDmefxZG
MFkKxLNbBtGMQJU
NVGqmCjFpOP
PAkWdxKfhEghOjN
QdiTNqxiorR
RbUAxkpfIWsHLZ
gADiztCqCLXpD
pFuSGKejnooPhxjz
pjnAmXVxZFCUmov
qSbWxWItvBeGq
uVtYRAtpzzWUy
uhandahygstdgahuisjdjnsuays
zyPuARjuIBdRtcdg

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
atecoolapasp/westernexcerpt.bat

Sharing

General

Malware Config

Signatures

Files

e40c51364bab552190f23e8c21b26e05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

uxtheme

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 480B