file_9ca7e645248f42fe86cfe149840c8154_2023-02-14_14_15_04_701000[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

file_9ca7e645248f42fe86cfe149840c8154_2023-02-14_14_15_04_701000.zip
Size

5.5MB
MD5

017214b2759268c211cb65b9df140857
SHA1

87953d31303e156302a1939c7dffd538c116af22
SHA256

fe5b8a04a358cdfdb9d841e7213b47b3af0942bda88788b5ba848d0765304ef7
SHA512

0b9ea0a9479d44efcff53b79c86ba7442488c94f5ee1a554133a66af6d9bfc7ca6564066731333fc58e1ed5df7590479df9d21289b51ba3ffcc7e8d893721c15
SSDEEP

98304:bTJmdUCuhJ4Eer82R7DWAyaRc2joxU5tOUhcj8GuH4FMbgVABQS8P9TMy5zNzLAP:bTJmduv4Pr8tAnR30xoOU6Aj4FipBkQt

Score

1^/10

Malware Config

Signatures

Files

file_9ca7e645248f42fe86cfe149840c8154_2023-02-14_14_15_04_701000.zip
.zip
entry001/lorettepct-rb.exe
.exe windows x86

8168c5c87394682d935a53333f980eb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetLastError
HeapFree
HeapReAlloc
GetLastError
HeapAlloc
GetProcessHeap
CloseHandle
GetCurrentProcess
LocalAlloc
Sleep
GetTickCount
OpenProcess
GetCurrentProcessId
LocalFree
GlobalFree
GlobalAlloc
EnumResourceNamesW
GetUserDefaultLCID
WaitForSingleObject
MulDiv
IsValidLocale
FindClose
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
SetEndOfFile
GetFileSize
WriteFile
ReadFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
FreeResource
LockResource
LoadResource
SizeofResource
InterlockedDecrement
lstrlenA
GetCurrentThreadId
ReleaseMutex
LocalReAlloc
GetVersion
GlobalUnlock
GlobalLock
GlobalReAlloc
CreateFileA
GetLocalTime
DeviceIoControl
MoveFileExW
CompareFileTime
GetCurrentThread
SetEvent
CreateThread
TerminateProcess
GetSystemInfo
HeapCreate
HeapDestroy
GetCommandLineW
InterlockedIncrement
GetExitCodeThread
SuspendThread
GetExitCodeProcess
GetProcessTimes
CompareStringA
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
FlushInstructionCache
VirtualQuery
GlobalAddAtomA
GetProfileStringA
RaiseException
GlobalDeleteAtom
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
ResumeThread
SetThreadPriority
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
lstrcmpiA
VirtualProtect
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
GetProcessVersion
ExitProcess
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetFileType
SetStdHandle
ExitThread
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCurrentDirectoryA
LCMapStringA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetDriveTypeA
GetACP
GetOEMCP
SetEnvironmentVariableA
FindResourceA

userenv

LoadUserProfileW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 639KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

8168c5c87394682d935a53333f980eb9

Headers

File Characteristics

Imports

kernel32

userenv

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 296KB - Virtual size: 295KB

.data Size: 284KB - Virtual size: 639KB

.rsrc Size: 328KB - Virtual size: 324KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 296KB - Virtual size: 295KB

.data
Size: 284KB - Virtual size: 639KB

.rsrc
Size: 328KB - Virtual size: 324KB