Static task
static1
General
Target: d57bcc3f79cc0efbe5b8c4fb346cb8d54a7e33284e07be9a9dc5861e99035ede.zip
Size: 76KB
MD5: 4c7b4d28f34a1617fa7e178ce7004815
SHA1: b05f4c6fdcaeecc898ee0a3cbc9f686641001974
SHA256: 17a9ec770067d1df8bb73823b24e9a27d007c4c12d971dc00212f1121aaa14d2
SHA512: bb256b1e43834a34ec773cb444f98a2523ef0231c13f713b9a4df6f59dc90df71e729cb550ee21e3fa18daf2f9e7ae328ba3c9519cefc15695321685a21b181d
SSDEEP: 1536:QILUpGkHz05OcuiETr7LvsF5zu4q47636mNhH:lU1gwcwo5zoNhH
Malware Config
Signatures
Files
d57bcc3f79cc0efbe5b8c4fb346cb8d54a7e33284e07be9a9dc5861e99035ede.zip.zip
Password: infected
d57bcc3f79cc0efbe5b8c4fb346cb8d54a7e33284e07be9a9dc5861e99035ede.dll windows x64
Password: infected
c5edddc4075eeea800241f441beb2a51
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
FreeLibrary
LoadLibraryA
ExitProcess
WaitForSingleObject
TerminateThread
Sleep
CreateThread
GetThreadContext
HeapReAlloc
SetThreadContext
HeapAlloc
HeapFree
Thread32First
HeapDestroy
HeapCreate
Thread32Next
OpenThread
CreateToolhelp32Snapshot
GetCurrentProcessId
SuspendThread
ResumeThread
VirtualQuery
VirtualFree
VirtualAlloc
GetSystemInfo
FlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
WriteFile
GetStdHandle
FlsGetValue
TlsFree
FlsFree
GetTickCount
TlsSetValue
FlsAlloc
RaiseException
RtlPcToFileHeader
GetCPInfo
GetACP
GetOEMCP
HeapSetInformation
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwindEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
RtlVirtualUnwind
RtlLookupFunctionEntry
LocalFree
VirtualProtect
CloseHandle
GetFileTime
CreateMutexA
GetLastError
GetWindowsDirectoryA
SetLastError
CreateFileA
user32
SetWindowLongPtrA
ShowWindow
DefWindowProcA
CreateWindowExA
LoadIconA
KillTimer
PostQuitMessage
RegisterClassExA
GetWindowLongPtrA
DestroyWindow
UpdateWindow
GetThreadDesktop
CreateDesktopA
CloseDesktop
SetThreadDesktop
GetClientRect
CopyRect
GetUserObjectInformationA
GetWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
ChildWindowFromPointEx
GetAncestor
PostMessageA
MapWindowPoints
PeekMessageA
GetClassNameA
ScreenToClient
GetSystemMetrics
SetTimer
advapi32
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
ole32
OleInitialize
OleUninitialize
OleSetContainedObject
OleCreate
CoCreateInstance
CoDisconnectObject
oleaut32
VariantInit
SysAllocString
VariantClear
SysFreeString
shlwapi
StrStrIW
wininet
FindCloseUrlCache
FindNextUrlCacheEntryA
InternetCrackUrlA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
urlmon
UrlMkSetSessionOption
oleacc
AccessibleObjectFromWindow
WindowFromAccessibleObject
imm32
ImmDisableIME
Sections
.text Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ