ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.zip
Size

175KB
MD5

687a7e83f1deee6267a4f39fb8bb1292
SHA1

3678cfabe83360ed10e6fe012a2126e9c5999889
SHA256

8439b6f994354d50d7db1acd8c67b6c98f32de5c1922c653ef79aa1a119ae227
SHA512

e3c447423feecf6793e1295920170e753e1f30535b49778f61100433135a411c25a046282a4ba087fcedc6e348eda4db4b9b01ef1c2dfa1cf6e9aa3e71a73721
SSDEEP

3072:046+vr89hhyTJJ/A+CwSKnDLQyAL7MudO58hqFJcPYLjm0mJQDtDmATnj6CUPZdj:0fYr+hhYAfKn/JHOOUaSPZjwtDdTjhUD

Score

1^/10

Malware Config

Signatures

Files

ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.zip
.zip

Password: infected
ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.exe
.exe windows x86

Password: infected

cdadd24365a6c20de1ab1c7bb5385624

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarI8FromR8

user32

WindowFromDC
ActivateKeyboardLayout
DdeEnableCallback
SetClassWord
ShowCaret
WaitMessage
GetSysColorBrush
IsWindow
GetForegroundWindow
GetSysColor
VkKeyScanW

kernel32

GetProcAddress
GetModuleHandleA
SetConsoleWindowInfo
GetNumaNodeProcessorMask
GetVersion
GlobalFree
GetCommandLineA
GetSystemTime
TlsGetValue
GetConsoleDisplayMode
FreeUserPhysicalPages
SetUserGeoID
WriteTapemark

shlwapi

StrChrNW
ord215
StrCmpLogicalW

gdi32

SetArcDirection
PlayMetaFileRecord
Escape

advapi32

SetSecurityDescriptorControl
RegGetKeySecurity
IsValidSecurityDescriptor
EnumServicesStatusW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

cdadd24365a6c20de1ab1c7bb5385624

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

kernel32

shlwapi

gdi32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.idata Size: 40KB - Virtual size: 36KB

.data Size: 48KB - Virtual size: 47KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 88KB - Virtual size: 86KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 716B

.text
Size: 12KB - Virtual size: 11KB

.idata
Size: 40KB - Virtual size: 36KB

.data
Size: 48KB - Virtual size: 47KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 88KB - Virtual size: 86KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 716B