TA580_20221104[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

TA580_20221104.zip
Size

720KB
MD5

dbcb4db8cd9b1034a9d1b27a8d35bf3b
SHA1

560699995e1db3f06e5a635725fc4a9e6140cdc2
SHA256

584d1a787374e437b050149ee9e1f891496db0d5e1f86bc08c1c3f003143bb80
SHA512

c6b5278aa440a3c9ac9046453be9ba3a521f6c982667c15359cd2b2de62e4f44e65f0ad68b5ec2d53ae07532d513d1ae61bc7921af690106b520bb967412b681
SSDEEP

12288:vQc4yJs5D39Pp+x9M+VurjwBSB1BuOGM/YPDpN5BRSv3GpkXIVcDOdF:vd2729M+YrjbB1BjGBDpNBGKkcF

Score

N/A

Malware Config

Signatures

Files

TA580_20221104.zip
.zip
DKyVKmgVSvviRl.bat
aMLjTIhBvevLGx.dll
.dll windows x64

22f8fd728d75a577721f562dfeae2b7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateFileA
FindClose
FindFirstFileA
FindNextFileA
LockFile
ReadFile
UnlockFile
CloseHandle
GetLastError
ConnectNamedPipe
HeapCreate
GetCurrentProcessId
GetCurrentThreadId
VirtualAlloc
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
GetModuleHandleA
CreateFileMappingA
OpenFileMappingA
CreateNamedPipeA
CreateActCtxA
ActivateActCtx
DeactivateActCtx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
ExitProcess
TerminateProcess
FreeLibrary
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree
FindFirstFileExA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
LoadLibraryExW
LCMapStringW
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW
RtlUnwindEx

Exports

Exports

Joq975
SendData
YVGbR69G

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 551KB - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IPPDATA
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
details.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

22f8fd728d75a577721f562dfeae2b7c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 352KB - Virtual size: 352KB

.data Size: 551KB - Virtual size: 555KB

.pdata Size: 4KB - Virtual size: 3KB

.gfids Size: 512B - Virtual size: 28B

IPPDATA Size: 512B - Virtual size: 40B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 352KB - Virtual size: 352KB

.data
Size: 551KB - Virtual size: 555KB

.pdata
Size: 4KB - Virtual size: 3KB

.gfids
Size: 512B - Virtual size: 28B

IPPDATA
Size: 512B - Virtual size: 40B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB