8565743895[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8565743895.zip
Size

225KB
MD5

822344da32e064b764177229aea3a546
SHA1

e6f923b6b4d4eceb56c2504a67d6b7344b0f2024
SHA256

ce5bdce480a1525ae31b81f51f74ce7b1b0ee0ef8d4b7588374eba5f9d110768
SHA512

91c99ed17327ba2e45d8b7bc95ba400535d727675a09b0da1aecf9188ad64f4a6967aeabace1ebab76c09feab39d5a1c862ae16e246dfa35a688ecf1b294d6c9
SSDEEP

3072:Q+0a/86aa+zZnnbb8HU5wt1wRqj25+cU5kG1QXbBrH+xWub/tcT5sD6+BXvrXfFy:d2P4t1wMe+pr1QXZ+Tb1Q0vLfSiGVVm2

Score

N/A

Malware Config

Signatures

Files

8565743895.zip
.zip

Password: infected
76b9eeffd80d2cb58660834e45f64109ce6e8c2f4659e52e0819d2cc181e168b
.dll windows x86

80df753e5efc64de446538ef114fa853

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
CreateThread
GetTickCount64
VirtualAlloc
GetFileAttributesA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryA
lstrcmpA
lstrcmpiA
lstrlenA
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
DecodePointer
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
WriteConsoleW

user32

SendMessageA
EndDialog
DialogBoxParamA

shlwapi

PathFileExistsA
PathFindOnPathA
PathGetDriveNumberA

Exports

Exports

DrawThemeIcon
aerophilately
bretschneideraceae
heartsomeness
pinole
stepper
supererogatorily
surbasement
unjusticiable
waxiness

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data1
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

80df753e5efc64de446538ef114fa853

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 107KB

data1 Size: 188KB - Virtual size: 188KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 155KB - Virtual size: 155KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 107KB - Virtual size: 107KB

data1
Size: 188KB - Virtual size: 188KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 155KB - Virtual size: 155KB

.reloc
Size: 7KB - Virtual size: 6KB