10084_malfile[.]zip

Resubmissions

21/11/2022, 15:48

221121-s8y1eagb65 10

21/11/2022, 15:06

221121-sg2l8aeg64 10

Sharing

Copy URL Twitter E-mail

General

Target

10084_malfile.zip
Size

16.4MB
MD5

1ec703d6dfb253492b7e2e2a71c50581
SHA1

15e3ab00f4e7902e2593cb0f27072a45849253a5
SHA256

e3a1c1feb412bf8a74b1d92ca0ee410c710af7565e75705db0b528f45cf8c9e8
SHA512

652424794926acae3f5c710d7f4bfef82b17582db07c8aa380103707116d6036d4cbae4e3dc0344faecbcccb4666f75fcf459781f981be61deb3b85a4ef9c323
SSDEEP

393216:ohyRHrNhcZFnmeF6FlvqnXnYUvsl5aOJ9Xz9KJC+fJ39VjcyOSWu:ocRHrgZF3cFlYoUkH7pzMgc3nD1

Score

N/A

Malware Config

Signatures

Files

10084_malfile.zip
.zip
AdobeAcrobat64.zip
.zip
readerdc64_en_hi_crd_mdr_install.vmp.exe
.exe windows x86

208ba5cc9ac51b148743052f31ed0168

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateSemaphoreW
CloseHandle
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

msvcrt

__getmainargs

advapi32

GetTokenInformation

shell32

ShellExecuteW

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 220B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HRV
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PJ<
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KPw
Size: 16.4MB - Virtual size: 16.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

208ba5cc9ac51b148743052f31ed0168

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

shell32

user32

Sections

.text Size: - Virtual size: 15KB

.data Size: - Virtual size: 9.7MB

.rdata Size: - Virtual size: 804B

.eh_fram Size: - Virtual size: 2KB

.bss Size: - Virtual size: 220B

.idata Size: - Virtual size: 1KB

.CRT Size: - Virtual size: 52B

.tls Size: - Virtual size: 8B

.HRV Size: - Virtual size: 3.7MB

.PJ< Size: 1KB - Virtual size: 1KB

.KPw Size: 16.4MB - Virtual size: 16.4MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: - Virtual size: 15KB

.data
Size: - Virtual size: 9.7MB

.rdata
Size: - Virtual size: 804B

.eh_fram
Size: - Virtual size: 2KB

.bss
Size: - Virtual size: 220B

.idata
Size: - Virtual size: 1KB

.CRT
Size: - Virtual size: 52B

.tls
Size: - Virtual size: 8B

.HRV
Size: - Virtual size: 3.7MB

.PJ<
Size: 1KB - Virtual size: 1KB

.KPw
Size: 16.4MB - Virtual size: 16.4MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 10KB