8629346121[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8629346121.zip
Size

51KB
MD5

fc6be32c0c158d448d5ad56cbe71314d
SHA1

c5e5dee55f83dbc50c75ad5a3c804244993a04d2
SHA256

dcd61a90720ed109dc6856bfb7b95898034c71773ed085450d67595f4e2f3130
SHA512

b6b5da09ac85412ffd1a819b2e4e43d9433a045572f82b861ea176358cc921e9deb4a20ed8af8b289c297fd7466a1224e5cebe57d98c0ab590d0bdd8dd2cc8b4
SSDEEP

1536:bbFPRTZXDnNxroLEwOgzyTzxfB3QyRT/iqcy5T:VPDru2j3QyMqvF

Score

N/A

Malware Config

Signatures

Files

8629346121.zip
.zip

Password: infected
a5ca2f9878600674c46c4b23ec7ef2260f558287b286819cbdd07ff5eb9d6c58
.exe windows x86

5d651f5cb3b5eb4baff4388ca967c319

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
CopyFileA
GetCurrentProcessId
DisconnectNamedPipe
MapViewOfFile
CreateFileMappingA
GetVersionExA
LocalFree
lstrlenA
FormatMessageA
GetStartupInfoA
GetModuleHandleA
ResetEvent
SetFilePointer
WriteFile
GetFileSize
GetFullPathNameA
FindFirstFileA
FindNextFileA
GetLocalTime
FindClose
CreateFileA
ReadFile
GetCurrentProcess
MultiByteToWideChar
GetLastError
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
FreeLibrary
CloseHandle
SetEvent
CreateEventA
WaitForSingleObject
ReleaseMutex
GetComputerNameA
UnmapViewOfFile

user32

GetSubMenu
LoadMenuA
SetForegroundWindow
EnableMenuItem
DestroyWindow
DefWindowProcA
PostQuitMessage
EndPaint
TrackPopupMenu
PostMessageA
ShowWindow
wsprintfA
GetCursorPos
BeginPaint
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
MessageBoxA
DialogBoxParamA
LoadIconA
LoadImageA
KillTimer
SetTimer
EnableWindow
InflateRect
GetWindowTextA
GetSysColorBrush
GetIconInfo
DrawTextA
FillRect
OffsetRect
DrawEdge
DrawFocusRect
DrawIconEx
DestroyIcon
GetDlgItemTextA
SetDlgItemTextA
CheckDlgButton
GetDesktopWindow
GetWindowRect
MoveWindow
LoadStringA
IsDlgButtonChecked
EndDialog
GetDlgItem
wvsprintfA

gdi32

GetObjectA

advapi32

InitializeSecurityDescriptor
GetUserNameA
CloseServiceHandle
OpenSCManagerA
GetTokenInformation
OpenProcessToken
CreateServiceA
DeleteService
OpenServiceA
StartServiceA
ControlService
QueryServiceStatus
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterEventSourceA
StartServiceCtrlDispatcherA

shell32

Shell_NotifyIconA
ShellExecuteExA
ShellExecuteA

shlwapi

PathIsRelativeA

wsock32

gethostname
ioctlsocket
closesocket
bind
WSACleanup
accept
listen
send
recv
ntohs
select
__WSAFDIsSet
ntohl
WSAStartup
gethostbyname
inet_addr
htonl
sendto
recvfrom
socket
htons
setsockopt
WSAGetLastError

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString

msvcrt

_strnicmp
_mbscmp
strrchr
atoi
qsort
isprint
localtime
asctime
calloc
_beginthreadex
_ftol
difftime
realloc
strtoul
_stricmp
strcat
time
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
memset
strcmp
tolower
isalpha
isalnum
malloc
isspace
isxdigit
isdigit
strncpy
strstr
memmove
memcpy
strlen
strcpy
sscanf
free
sprintf
strftime
gmtime
_fullpath
_mbsrchr
_makepath
_splitpath
_purecall
_beginthread
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_stati64

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

5d651f5cb3b5eb4baff4388ca967c319

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

wsock32

ole32

oleaut32

msvcrt

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 16KB - Virtual size: 13KB