369480624570299e8d09abf03029bbc4[.]zip

Resubmissions

07/02/2023, 01:20

230207-bqfbxaca5v 1

07/02/2023, 01:17

230207-bnwwwaca3v 1

07/02/2023, 01:08

230207-bg7d2aca2s 1

Sharing

Copy URL Twitter E-mail

General

Target

369480624570299e8d09abf03029bbc4.zip
Size

111KB
MD5

0aea8ca8de655ac9bd65f9b65ab65ca1
SHA1

477480703b91eeb14f93f482b1aa90e9968e8ac8
SHA256

6f6d21a07a5b136eda1e0688cd40b4077336974e2edebe0c86ff9db4e0c8f69a
SHA512

b51e894e4684054ab9456abf287e704d8760b83021af86d8fa2e05be64d2aa2ca228e967c4db74d6a5cdac6672201d83c0c19bae62188064351de2ac5e9932cf
SSDEEP

3072:N+sprAyTydzzFcheCPFkFd0g9Malln/y9D:kspMyaFCdkFd0gam/y9D

Score

1^/10

Malware Config

Signatures

Files

369480624570299e8d09abf03029bbc4.zip
.zip

Password: infected
369480624570299e8d09abf03029bbc4
.dll windows x64

Password: infected

7d520c58152fd8881716eed523f85e2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateFileA
CloseHandle
GetCommandLineA
GetLastError
ConvertThreadToFiber
CreateFiber
SwitchToFiber
CreateThread
SuspendThread
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
GetModuleHandleA
GetFileSize
SetFileTime
CreateNamedPipeA
PeekNamedPipe
VirtualAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
RaiseException
HeapSize
HeapReAlloc
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
FindFirstFileExA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW

Exports

Exports

Cpo6R
Cpurtyhvlc
EPo2
PuDZpvv
WFIiulT22

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

7d520c58152fd8881716eed523f85e2e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 33KB - Virtual size: 37KB

.pdata Size: 4KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 148B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 33KB - Virtual size: 37KB

.pdata
Size: 4KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 148B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB