IRS_Form_12-01-9[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

IRS_Form_12-01-9.zip
Size

61KB
MD5

6ef51e05926f07aa3cca6eb1d35516c3
SHA1

84d1ff0610df09fe0904c884510b8cbad9d5651e
SHA256

738cc370a87bc239568ff5f047abea91bdef59d20df8f518dba7fe4e845cd3f5
SHA512

aa03ca261c6d528868116d4589243521fecfb0e1ed9a98256305c05956baf63eeab342c303399a5ae9c40eec8b7b4671b4e3663eb3193626d51257220093bcb6
SSDEEP

1536:taYNv6dTkUQZo5Yb0Jv2qTsJV3UJeHX6i0J/PfjyC:cYlEhQZo5Y4Jv2qTe5XgdfD

Score

N/A

Malware Config

Signatures

Files

IRS_Form_12-01-9.zip
.zip
IRS_Form_12-01-9/Scan.lnk
.lnk
IRS_Form_12-01-9/wiglid/foeZv.cmd
IRS_Form_12-01-9/wiglid/laborsaving.dll
.dll regsvr32 windows x64

b7571113e0fb0198b256a5d78d0fdfcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeConsole
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
lstrlenA

msvcrt

__dllonexit
__iob_func
_amsg_exit
_initterm
_lock
_onexit
_unlock
_wtoi
abort
calloc
free
fwrite
malloc
memcpy
signal
strcmp
strlen
strncmp
vfprintf

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassExA
ShowWindow
TranslateMessage

ole32

CoLoadLibrary

oleaut32

SysAllocStringLen
SysFreeString

Exports

Exports

Abbb
DllGetClassObject
DllRegisterServer
PluginInit

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7571113e0fb0198b256a5d78d0fdfcb

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 112B

.rdata Size: 19KB - Virtual size: 18KB

.pdata Size: 1024B - Virtual size: 576B

.xdata Size: 1024B - Virtual size: 532B

.bss Size: - Virtual size: 2KB

.edata Size: 512B - Virtual size: 146B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 80B

.reloc Size: 512B - Virtual size: 60B

/4 Size: 1024B - Virtual size: 784B

/19 Size: 38KB - Virtual size: 38KB

/31 Size: 6KB - Virtual size: 5KB

/45 Size: 5KB - Virtual size: 5KB

/57 Size: 3KB - Virtual size: 2KB

/70 Size: 512B - Virtual size: 302B

/81 Size: 12KB - Virtual size: 11KB

/92 Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 19KB - Virtual size: 18KB

.pdata
Size: 1024B - Virtual size: 576B

.xdata
Size: 1024B - Virtual size: 532B

.bss
Size: - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 146B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 80B

.reloc
Size: 512B - Virtual size: 60B

/4
Size: 1024B - Virtual size: 784B

/19
Size: 38KB - Virtual size: 38KB

/31
Size: 6KB - Virtual size: 5KB

/45
Size: 5KB - Virtual size: 5KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 512B - Virtual size: 302B

/81
Size: 12KB - Virtual size: 11KB

/92
Size: 1KB - Virtual size: 1KB