4ad0998882a3fbd3412f0c740faebb8ef78bec4c3e566650424c40a878e6a23a[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

4ad0998882a3fbd3412f0c740faebb8ef78bec4c3e566650424c40a878e6a23a.zip
Size

179KB
MD5

05450ebd1f9f4a1a9398472672aaa2ce
SHA1

3d42d5d944ef771b02267bdf36f13eb2b04f7121
SHA256

1cacdbc8eab9f5a7692af132cef36e99d34afb4b974d56feac4b17325e493ebe
SHA512

ab960736e6c0d856901f78127f8f0dc9010558546d3b070a8292dd1ce2fd2d5895233532d00db8834ad636384367c72ecd553e5884af91f4d6812a8b1dec79f7
SSDEEP

3072:41qFfNQM6D/hyrThJRMeFPxghyHm6inO2N0qks1fLK/Rr/ncklCWyWBUqa3l8pLB:4KyZDchfMEJpmvxzKl/J8R81iM

Score

1^/10

Malware Config

Signatures

Files

4ad0998882a3fbd3412f0c740faebb8ef78bec4c3e566650424c40a878e6a23a.zip
.zip

Password: infected
4ad0998882a3fbd3412f0c740faebb8ef78bec4c3e566650424c40a878e6a23a.exe
.exe windows x86

Password: infected

0812af00bd1c4f8f48bc4eb08deba16e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBindToParent

powrprof

IsPwrSuspendAllowed

shlwapi

PathCompactPathW

oleaut32

VarDecFromR8

setupapi

SetupDiGetDeviceInfoListDetailA
SetupPromptForDiskW

ole32

HBITMAP_UserMarshal

winscard

SCardGetProviderIdA

kernel32

GetModuleHandleA
GetProcAddress
GetCommandLineW
GetTimeZoneInformation
GetCurrentThreadId
FlsGetValue
IsProcessInJob
ReleaseMutex
AttachConsole
LocalAlloc

gdi32

ResizePalette

user32

CreateDesktopA
GetMessageW
EnableWindow
GetFocus
GetClientRect
GetCursor

Exports

Exports

mIqZ7ed6pTD3hQG

Sections

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.O
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

0812af00bd1c4f8f48bc4eb08deba16e

Headers

DLL Characteristics

File Characteristics

Imports

shell32

powrprof

shlwapi

oleaut32

setupapi

ole32

winscard

kernel32

gdi32

user32

Exports

Exports

Sections

.rdata Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.O Size: 168KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 596B

.rdata
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.O
Size: 168KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 596B