200908-p5f4c5cdzj_pw_infected[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

200908-p5f4c5cdzj_pw_infected.zip
Size

90KB
MD5

b2402d911da1718ed84939b4e731cac1
SHA1

b8d6b7ab5a100fe8ea8eaf7f3af798f0092c989a
SHA256

58c04b9758f0220d02505f2e4b2de3226b8ca1b85ff3188775ac1d17f7802ec0
SHA512

0ae0050e315e3ba5fc3c2ee0381528387dde9a4c766c8e51fafc0c6bc18b15c60dac8e768dfd66afd93d1c165e73a57138204e22933b597b3ca3aa5368117748
SSDEEP

1536:aVxw3e4TNRE28zIDFMo9ZPs47M/jes+WLf706+GO10BKWZYQHozKEshGUAbv/T5e:l33Na28zIDaK5w/qsfUoysfYQHUsgUAQ

Score

N/A

Malware Config

Signatures

Files

200908-p5f4c5cdzj_pw_infected.zip
.zip

Password: infected
23bef893e3af7cb49dc5ae0a14452ed781f841db7397dc3ebb689291fd701b6b
.exe windows x86

Password: 3

45ddfa40aba81e28a3dc363afc45658e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
HeapCompact
CommConfigDialogA
lstrcpynA
HeapAlloc
InterlockedIncrement
SetConsoleTextAttribute
ReadConsoleA
GetCurrentProcess
ZombifyActCtx
SetDefaultCommConfigW
GetEnvironmentStringsW
WaitForSingleObject
BackupSeek
GetModuleHandleW
GetProcessHeap
GetConsoleTitleA
WaitNamedPipeW
WriteFile
GetEnvironmentStrings
AddRefActCtx
GetFileAttributesW
VerifyVersionInfoA
GetAtomNameW
HeapReAlloc
DeactivateActCtx
LCMapStringA
GetHandleInformation
SetLastError
GetProcAddress
AttachConsole
GetProcessHeaps
VerLanguageNameA
HeapUnlock
GetConsoleDisplayMode
LocalAlloc
SetConsoleCtrlHandler
GetTapeParameters
SetConsoleTitleW
GetModuleHandleA
CreateMutexA
VirtualProtect
OpenEventW
DeleteCriticalSection
ReleaseMutex
GetCurrentProcessId
GetPrivateProfileSectionW
FindActCtxSectionStringW
LocalFree
WriteProcessMemory
lstrcpyA
PulseEvent
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetFileType
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
GetLocaleInfoA
VirtualAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringW

Exports

Exports

@SetViceCitiesz@0

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: 3

45ddfa40aba81e28a3dc363afc45658e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 87KB

.data Size: 32KB - Virtual size: 5.3MB

.rsrc Size: 33KB - Virtual size: 33KB

.text
Size: 87KB - Virtual size: 87KB

.data
Size: 32KB - Virtual size: 5.3MB

.rsrc
Size: 33KB - Virtual size: 33KB