INV_Scan_237[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

INV_Scan_237.zip
Size

518KB
MD5

3f5deadb35e4aa0326b3fcb450b3d99c
SHA1

d98ef43ce643c7762da25475c7c0960abee7395c
SHA256

ac8961a113621c2d483f80e21951026145b184311f3b34fb2f6880cdcf81871e
SHA512

24c2fa9a057224a5b384eaa853d0f05cb41e69c286ab8b93f56f2e81762d7971c6ba4ed7b5e9c01f486503fac9825f2124851051a03d5a9ef2901a352a809ded
SSDEEP

12288:i/J+tmBcLyG7vtTwoesCXZLE4nQI719ivCc7x/av:oJcmBcLrVT89FE4nQI719iqcIv

Score

N/A

Malware Config

Signatures

Files

INV_Scan_237.zip
.zip

Password: 84925
INV_Scan_237.IMG
.iso

Password: 84925
DRAWBOLT.LNK
.lnk
WORKHAND/DIURESIS.DAT
.dll windows x64

Password: 84925

461b78f28d3ea5be2e2ffd3133d46dd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

glp_addColumns
glp_addRows
glp_algorithm
glp_checkSolution
glp_chgColumnLower
glp_chgColumnUpper
glp_chgObjCoefficients
glp_chgRowLower
glp_chgRowUpper
glp_clearCallBack
glp_columnLower
glp_columnName
glp_columnUpper
glp_copyInIntegerInformation
glp_copyNames
glp_copyinStatus
glp_crash
glp_deleteColumns
glp_deleteIntegerInformation
glp_deleteModel
glp_deleteRows
glp_dropNames
glp_dual
glp_dualBound
glp_dualColumnSolution
glp_dualFeasible
glp_dualObjectiveLimit
glp_dualRowSolution
glp_dualTolerance
glp_dumpMatrix
glp_getColLower
glp_getColSolution
glp_getColUpper
glp_getColumnStatus
glp_getElements
glp_getIndices
glp_getIterationCount
glp_getMatrixElement
glp_getNumCols
glp_getNumElements
glp_getNumRows
glp_getObjCoefficients
glp_getObjSense
glp_getObjValue
glp_getReducedCost
glp_getRowActivity
glp_getRowLower
glp_getRowPrice
glp_getRowStatus
glp_getRowUpper
glp_getSmallElementValue
glp_getUserPointer
glp_getVectorLengths
glp_getVectorStarts
glp_hitMaximumIterations
glp_infeasibilityCost
glp_infeasibilityRay
glp_initialDualSolve
glp_initialPrimalSolve
glp_initialSolve
glp_integerInformation
glp_isAbandoned
glp_isDualObjectiveLimitReached
glp_isIterationLimitReached
glp_isPrimalObjectiveLimitReached
glp_isProvenDualInfeasible
glp_isProvenOptimal
glp_isProvenPrimalInfeasible
glp_lengthNames
glp_loadProblem
glp_logLevel
glp_maximumSeconds
glp_newModel
glp_numberColumns
glp_numberDualInfeasibilities
glp_numberIterations
glp_numberPrimalInfeasibilities
glp_numberRows
glp_objective
glp_objectiveOffset
glp_objectiveValue
glp_optimizationDirection
glp_perturbation
glp_primal
glp_primalColumnSolution
glp_primalFeasible
glp_primalRowSolution
glp_primalTolerance
glp_printModel
glp_problemName
glp_readMps
glp_registerCallBack
glp_registerCallBack2
glp_resize
glp_restoreModel
glp_rowLower
glp_rowName
glp_rowUpper
glp_saveModel
glp_scaling
glp_scalingFlag
glp_secondaryStatus
glp_setAlgorithm
glp_setColSolution
glp_setColumnStatus
glp_setDualBound
glp_setDualObjectiveLimit
glp_setDualTolerance
glp_setInfeasibilityCost
glp_setLogLevel
glp_setMaximumIterations
glp_setMaximumSeconds
glp_setNumberIterations
glp_setObjectiveOffset
glp_setOptimizationDirection
glp_setPerturbation
glp_setPrimalTolerance
glp_setProblemName
glp_setProblemStatus
glp_setRowStatus
glp_setSecondaryStatus
glp_setSmallElementValue
glp_setUserPointer
glp_status
glp_statusArray
glp_statusExists
glp_sumDualInfeasibilities
glp_sumPrimalInfeasibilities
glp_unboundedRay
glp_writeMps
init

Sections

.text
Size: 905KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WORKHAND/EXCRESCE.CMD

Sharing

General

Malware Config

Signatures

Files

Password: 84925

Password: 84925

Password: 84925

461b78f28d3ea5be2e2ffd3133d46dd3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 905KB - Virtual size: 904KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 6KB - Virtual size: 7KB

.pdata Size: 26KB - Virtual size: 25KB

.gfids Size: 512B - Virtual size: 44B

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 905KB - Virtual size: 904KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 6KB - Virtual size: 7KB

.pdata
Size: 26KB - Virtual size: 25KB

.gfids
Size: 512B - Virtual size: 44B

.reloc
Size: 16KB - Virtual size: 13KB