pw-u1515[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

pw-u1515.zip
Size

446KB
MD5

c60212b5417e564569603acaa0469ca5
SHA1

0678d6b8accc8a932b853cc9377ebfa83c86221f
SHA256

d52482df38eb5394b6d97c214ec89db80247c06b9b71339cbba82d281eb29f88
SHA512

a121f420565b89c7511ea6474c37acd22d7f4cfc5913ac454926a10b375510a7627fc60a332a8dc65abe91ff0bd50fa34655d314a3a5495e31b81fec5b3fb189
SSDEEP

12288:QkGNqRrS9fLgQAMjPLd5AfLm53aX1bJAj1bg42fqddv0TFfzjKT:Q5UQTdiy53aldAj1r2yLv0TF7eT

Score

N/A

Malware Config

Signatures

Files

pw-u1515.zip
.zip

Password: u1515
current/14098 Dec 01.vhd
.vhd .dmg macos

Password: u1515
14098 Dec 01.lnk
.lnk
472.dll
.dll windows x86

Password: u1515

f5633f396eec7e92c6df8dee7361a7f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
WriteFile
CloseHandle
HeapCreate
TryEnterCriticalSection
CreateThread
ResumeThread
GetModuleFileNameA
GetCurrentProcessId
SetEndOfFile
CreateFileMappingA
MapViewOfFile
CreateNamedPipeA
CallNamedPipeA
ConnectNamedPipe
FreeEnvironmentStringsW
DeleteCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
HeapAlloc
GetLastError
HeapFree
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryExW
LCMapStringW
GetStdHandle
GetFileType
GetStartupInfoW
SetLastError
GetCurrentThreadId
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetStdHandle
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
IsValidCodePage
GetACP
GetOEMCP
SetFilePointerEx
GetStringTypeW
ExitProcess
GetModuleHandleW
GetModuleHandleExW
ReadFile
ReadConsoleW
GetModuleFileNameW
CreateFileW
WriteConsoleW
DecodePointer
RaiseException
HeapSize
HeapReAlloc
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
InterlockedFlushSList
FindClose
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

Exports

Exports

AfO899
CYvxX
DrawThemeIcon
LHWo914
TJqi910
XULm3

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 326KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System Volume Information/IndexerVolumeGuid
System Volume Information/WPSettings.dat

Sharing

General

Malware Config

Signatures

Files

Password: u1515

Password: u1515

Password: u1515

f5633f396eec7e92c6df8dee7361a7f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 159KB - Virtual size: 159KB

.data Size: 326KB - Virtual size: 328KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 159KB - Virtual size: 159KB

.data
Size: 326KB - Virtual size: 328KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 4KB