188a9a0f-a66d-4cd0-a2f6-9ddcedeaad66[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

188a9a0f-a66d-4cd0-a2f6-9ddcedeaad66.zip
Size

360KB
MD5

5ea038c683c17c1e8bd13732ea38d81e
SHA1

0e652105549adf2897d598fbca64dd01b74d17e1
SHA256

b393d0b041aeb2299936d2362b67e324e7a8c6765a5bfacdabff3c4820c841c7
SHA512

1eca1d4d7abf1d0e4b8542e95ca80cd7a634400f920ef7fb3c0b74fd0a2d7fdfd732c2f90962798536f9f36ec819578e7949efcda03b2b7e1f8a7fabb54ddec5
SSDEEP

6144:9K939L8QAJwgrdJDolkT3LLdWzSNToQBT/YhulTS72TX92EYpXzvu0oAvz7L0re:9Q358QQwg/D73QzSVG4BS7yEnpjvud8V

Score

N/A

Malware Config

Signatures

Files

188a9a0f-a66d-4cd0-a2f6-9ddcedeaad66.zip
.zip

Password: 052333
SCAN_DT6281.img
.iso

Password: 052333
IncomingPay/ChangeRules.txt
IncomingPay/Changes.txt
IncomingPay/Issues.cmd
IncomingPay/NewInformation.lc
.dll regsvr32 windows x86

Password: 052333

df54c2db6ec7a097e99efd634f76fdc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
WriteFile
CloseHandle
GetLastError
HeapCreate
CreateFiber
SwitchToFiber
CreateThread
SuspendThread
ResumeThread
FindFirstFileA
FindNextFileA
FindClose
GetModuleHandleA
GetFileInformationByHandle
DeleteCriticalSection
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
LCMapStringW
GetStdHandle
GetFileType
GetStartupInfoW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetCurrentThreadId
GetACP
GetStringTypeW
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCPInfo
IsValidCodePage
GetOEMCP
ExitProcess
GetModuleHandleExW
SetFilePointerEx
CreateFileW
WriteConsoleW
DecodePointer
RaiseException
HeapSize
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwind
InterlockedFlushSList
GetModuleFileNameA
FindFirstFileExA
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW

Exports

Exports

DllRegisterServer
Hkv70Kdh
IPlj2HAa
OIP225V1
OftHwD9701

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SCAN_DT6281.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

Password: 052333

Password: 052333

Password: 052333

df54c2db6ec7a097e99efd634f76fdc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 250KB - Virtual size: 249KB

.data Size: 286KB - Virtual size: 288KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 250KB - Virtual size: 249KB

.data
Size: 286KB - Virtual size: 288KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 5KB - Virtual size: 4KB