d16b25409ace23b3bfad238129f93ac226a9b1f6e0f159a6af05541017e6cea3[.]zip

General

Target

d16b25409ace23b3bfad238129f93ac226a9b1f6e0f159a6af05541017e6cea3.zip
Size

590KB
MD5

bb141e0362537b5cabd610f931478bbd
SHA1

e5271337018122d0d67fd9d9398c6126d863d352
SHA256

b300ccec36c3da460686041a17d0d5417e021179da3f882b23a5054b4def7225
SHA512

b17a0ee5433332022df4a31d097ffe6c0d938cec16b08a7a5b660f238a3ef99f94feade86de7996bf71a873281f7740fbabb83da97f40d1a31ff909f2ca0b997
SSDEEP

12288:X4FLXhW3zTP2zK2RjYWV2CoElKzHdMShmLQD4gPACscq2RubQ4M2P63gPI29P:4LYzTezK4jYWV2fbdMKLF7q2sc4M2LP/

Score

N/A

d16b25409ace23b3bfad238129f93ac226a9b1f6e0f159a6af05541017e6cea3.zip
.zip

Password: infected
d16b25409ace23b3bfad238129f93ac226a9b1f6e0f159a6af05541017e6cea3.exe
.exe windows x86

343d471493780630021b96af04ba810a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

PlaySoundA

user32

LoadAcceleratorsA

gdi32

CreateEnhMetaFileA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

SetThreadToken

shell32

DragAcceptFiles

shlwapi

PathRemoveExtensionA

oledlg

ord3

ole32

OleGetIconOfClass

oleaut32

VarDateFromStr

Sections

.text
Size: 583KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE