Static task
static1
General
Target: c12e8f28cdd278716071b0b5fca4de952982bf5eacfb82db35750ac2a9b00801.zip
Size: 532KB
MD5: 4b34e6708031f7775da2d41737fffa7f
SHA1: 7007a5bd328c863ab6a2a8c2524d3713cc85ba0d
SHA256: c487b08a8e4428884fc0c300475b302d306870040d19bb53b9cca41a0bba400f
SHA512: 1a2be4dad2c2588455348635926ca06f10aaa840ad9b6676665cac63244c6ead347714774c196fecfa80b893f35d72a0ef64c70765d3fc065f217dc6252b4db4
SSDEEP: 12288:NXjq5bHv/XWRhhh7KOvUDRRRDN8GRgUfnb4/kUaiVT6ucvpvqwGvuGQxpsY:Nu5DmjKxDnRh8GaU0/fVX2pCyh
Malware Config
Signatures
Files
-
c12e8f28cdd278716071b0b5fca4de952982bf5eacfb82db35750ac2a9b00801.zip.zip
Password: infected
-
c12e8f28cdd278716071b0b5fca4de952982bf5eacfb82db35750ac2a9b00801.vhd
-
out.vhd.vhd
-
$RECYCLE.BIN/$I0LIQFD.js
-
$RECYCLE.BIN/$I35IWSE.js
-
$RECYCLE.BIN/$I4E3GQV.js
-
$RECYCLE.BIN/$I71220H.js
-
$RECYCLE.BIN/$IABDJAB.js
-
$RECYCLE.BIN/$ICEZ9ID.js
-
$RECYCLE.BIN/$ICZLDZO.js
-
$RECYCLE.BIN/$IDWL93U.js
-
$RECYCLE.BIN/$IGHQVQ5.js
-
$RECYCLE.BIN/$IHL25IB.exe
-
$RECYCLE.BIN/$IJFBHD3.js
-
$RECYCLE.BIN/$IJXIQS1.bat
-
$RECYCLE.BIN/$IPFEKS8.scr
-
$RECYCLE.BIN/$IR4KUZJ.js
-
$RECYCLE.BIN/$ITRUZU5.js
-
$RECYCLE.BIN/$IU6J4A7.js
-
$RECYCLE.BIN/$IWHXG2B.js
-
$RECYCLE.BIN/$IWW07MP.js
-
$RECYCLE.BIN/$IXOYXGM.js
-
$RECYCLE.BIN/$R0LIQFD.js.js
-
$RECYCLE.BIN/$R35IWSE.js.js
-
$RECYCLE.BIN/$R4E3GQV.js.js
-
$RECYCLE.BIN/$R71220H.js.js
-
$RECYCLE.BIN/$RABDJAB.js.js
-
$RECYCLE.BIN/$RCEZ9ID.js.js
-
$RECYCLE.BIN/$RCZLDZO.js.js
-
$RECYCLE.BIN/$RDWL93U.js.js
-
$RECYCLE.BIN/$RGHQVQ5.js.js
-
$RECYCLE.BIN/$RHL25IB.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$RECYCLE.BIN/$RJFBHD3.js.js
-
$RECYCLE.BIN/$RJXIQS1.bat.bat .vbs
-
$RECYCLE.BIN/$RPFEKS8.scr.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$RECYCLE.BIN/$RTRUZU5.js.js
-
$RECYCLE.BIN/$RU6J4A7.js.js
-
$RECYCLE.BIN/$RWHXG2B.js.js
-
$RECYCLE.BIN/$RWW07MP.js.js
-
$RECYCLE.BIN/$RXOYXGM.js.js
-
$RECYCLE.BIN/desktop.ini
-
Evoucher#026.js.js
-
System Volume Information/IndexerVolumeGuid
-
System Volume Information/WPSettings.dat