6FE853A86F1FA4D4FDD2BED2F5CA17E876D6540E8E9C3C3F261422AC12E3C5B1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

6FE853A86F1FA4D4FDD2BED2F5CA17E876D6540E8E9C3C3F261422AC12E3C5B1.zip
Size

44KB
MD5

df5bab410106a7f7795fc197f3c9958a
SHA1

85cded0c7f13f35f2740c703421c554389c881ff
SHA256

23cde134b875802e283ac735af3a79fbd980efb9267816fbac9dc90cdd079626
SHA512

70099f83d9555f36c91bff56a2135e4707774aa9d8e3e2387adc65f33551334b3535be841ad976b7d043525da016dc0b9390acab37896db5038800ef02b33019
SSDEEP

768:8ebBLpycNBKbI6BfNstSzxFCfX1IYzuY58z6SB63uvI1FwkAKDb2mf5HyGbPswdm:8eVFQn1gSNdiup6SB5vI1yk7imIGjdFW

Score

N/A

Malware Config

Signatures

Files

6FE853A86F1FA4D4FDD2BED2F5CA17E876D6540E8E9C3C3F261422AC12E3C5B1.zip
.zip

Password: infected
6FE853A86F1FA4D4FDD2BED2F5CA17E876D6540E8E9C3C3F261422AC12E3C5B1
.exe windows x86

Password: infectada.

e7c5c119652f243d2c240ed7cdb03c21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
LocalFree
LocalAlloc
ReadFile
GetCurrentProcessId
CreateEventW
WriteFile
DisconnectNamedPipe
InterlockedDecrement
SetEvent
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CreateNamedPipeW
GetLastError
ConnectNamedPipe
CloseHandle
GetFileAttributesW
CreateDirectoryW
OpenProcess
GetCurrentThreadId
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
HeapAlloc
ExitThread
ResumeThread
CreateThread
RtlUnwind
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
Sleep
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
SetFilePointer
SetStdHandle
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CreateFileW
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegisterServiceCtrlHandlerW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
OpenSCManagerW
OpenServiceW
CloseServiceHandle
DeleteService
SetServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherW

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infectada.

e7c5c119652f243d2c240ed7cdb03c21

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 176B