files[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

files.zip
Size

734KB
MD5

5dd35c037c98b2c4216b3c1c3e783021
SHA1

26bf826d2ee3dcb22990b8afaefb0163eb8f7cdd
SHA256

28ffa0b1d086aeb8ebb502e7245895dc564e3b7f364a49e4a3cdd72cc7054a4b
SHA512

77e1070702a5813bc59f1dee1445149d12d96e68c59fe618fe902da486e3dbc3fc3e18a74e0585734d352f24f110937b66b2e368cc1ad0fbeb23a5caa92a217d
SSDEEP

12288:oWcZBm80Ue/wyWxObBFKZGGBOAwcdPcwGUxsbR84uTt0hhR0UgQvwFUYYfEy:oWcZBIUbyWsjKoe1wcx61ltuTtiBgSw0

Score

N/A

Malware Config

Signatures

Files

files.zip
.zip
Summary_6138750_12192022.lnk
.lnk
deskmon.dat
.dll windows x86

5e2a8adbd67a9f695a7d7e5f915f640f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___mb_cur_max_func
_amsg_exit
_errno
_initterm
_iob
_lock
_unlock
abort
atoi
calloc
free
fwrite
malloc
memcmp
memcpy
memset
qsort
realloc
setlocale
sprintf
strchr
strcmp
strcpy
strlen
strncmp
strrchr
vfprintf
_strdup

Exports

Exports

plibiconv_version
pliases_lookup
pconv_canonicalize
pibiconv
pibiconv_close
pibiconv_open
pibiconv_open_into
pibiconv_relocate
pibiconv_set_relocation_prefix
pibiconvctl
pibiconvlist
qqqq

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e2a8adbd67a9f695a7d7e5f915f640f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 117KB

.data Size: 512B - Virtual size: 56B

.rdata Size: 822KB - Virtual size: 822KB

.bss Size: - Virtual size: 1KB

.edata Size: 512B - Virtual size: 373B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 116KB - Virtual size: 114KB

.text
Size: 117KB - Virtual size: 117KB

.data
Size: 512B - Virtual size: 56B

.rdata
Size: 822KB - Virtual size: 822KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 373B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 116KB - Virtual size: 114KB