d409efd1808f828d3b4c46a23379b56c[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

d409efd1808f828d3b4c46a23379b56c.rar
Size

3.0MB
MD5

d409efd1808f828d3b4c46a23379b56c
SHA1

0573eb6b04f44cc0a502f62d30f4f64b2d358bca
SHA256

5c4d1702ec3096d19f18e0aa4f5c1b942bb157c48a5c81d27cd829d41f05f771
SHA512

bd48ecadd79214981ae268fa9f4a0ed32051763735741b8be11284c691ff4bfe9b6ba433cd73108821fea3152eb43992e785fdb348272432a3e4bc038c95e1f5
SSDEEP

49152:pGY6aTdpSCNRiL1J7aC3lmFSMo8X2IB8mBXHJiyO+0M40kYfigZB6DMDcw+Esxff:pG9wyEQLP71lmYR8XtBbBXHJl0x0dRB8

Score

N/A

Malware Config

Signatures

Files

d409efd1808f828d3b4c46a23379b56c.rar
.rar
desktop.ini
.exe windows x86

11ec3a2b043b138c133fd7b80eb030e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACloseEvent

wldap32

ord219

crypt32

CertFreeCertificateChain

normaliz

IdnToAscii

kernel32

GetTimeFormatW
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

CryptHashData

user32

GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.weg320
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.weg321
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Исх.pdf
.pdf
Исх.pdf.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

11ec3a2b043b138c133fd7b80eb030e6

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wldap32

crypt32

normaliz

kernel32

advapi32

user32

Sections

.text Size: 572KB - Virtual size: 572KB

.rdata Size: 125KB - Virtual size: 124KB

.data Size: 7KB - Virtual size: 10KB

.weg320 Size: 1.6MB - Virtual size: 1.6MB

.weg321 Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 28KB - Virtual size: 27KB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: 572KB - Virtual size: 572KB

.rdata
Size: 125KB - Virtual size: 124KB

.data
Size: 7KB - Virtual size: 10KB

.weg320
Size: 1.6MB - Virtual size: 1.6MB

.weg321
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 512B - Virtual size: 469B