d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.zip
Size

172KB
MD5

df81c991c51875a6c605cf7870fb348a
SHA1

4c97bf2e178ccaae296b0588fb1743bac19aeefd
SHA256

d090bd62615236ec449a6a12d0838bd94e04a8c22fd44dc63d9670809ffe1a0e
SHA512

9a3483dda951b1072d8c726eeba7b7dc2c8f6eea95928ab1eca9d5ed9857f06d1883af97422d2879ca3fc475dc71d179764f58bfa9a251a947216d2109dd5aae
SSDEEP

3072:eWl011TLeNNIPyYTveN8w0pnkFI1Kh6tY01zW8Twtc5yJmnLpfZ3l:e7PSNNIDTWb6oh6tY0g8yhJmLpx1

Score

1^/10

Malware Config

Signatures

Files

d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.zip
.zip

Password: infected
d66304251f3407d1840065b40662280acc909c3972fb93f99fa07a47c3221b77.dll
.dll windows x86

Password: infected

691e0e5bb01c2ba486b5e69e614042cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetViewportOrgEx
SetWindowOrgEx

pdh

PdhAddCounterW

advapi32

RegCloseKey
CryptContextAddRef
CryptGenKey
CreateRestrictedToken
CryptAcquireContextW

shlwapi

AssocGetPerceivedType

ws2_32

WSACleanup
inet_addr

ole32

CoCreateInstanceEx
CoGetObjectContext
StringFromGUID2

ntdsapi

DsGetDomainControllerInfoW

msvcrt

wcscoll

imm32

ImmGetCandidateListW

setupapi

SetupDiOpenDeviceInterfaceW

winmm

waveOutGetPitch

rpcrt4

NdrGetUserMarshalInfo
RpcMgmtSetCancelTimeout

wininet

InternetReadFile

user32

DefMDIChildProcW
IsWinEventHookInstalled
BlockInput
FillRect
GetWindowContextHelpId
TranslateMessage
GetWindowTextA
GetClassNameA

esent

JetInit

iphlpapi

GetIpAddrTable

kernel32

VirtualAllocEx
InitAtomTable
GetProcessVersion
DeleteTimerQueue
CreateFileW
CloseHandle
GetModuleFileNameW

lz32

LZCopy

Exports

Exports

Mbooserntyerdwq

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

691e0e5bb01c2ba486b5e69e614042cf

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

pdh

advapi32

shlwapi

ws2_32

ole32

ntdsapi

msvcrt

imm32

setupapi

winmm

rpcrt4

wininet

user32

esent

iphlpapi

kernel32

lz32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 420KB - Virtual size: 418KB

.data Size: 24KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 420KB - Virtual size: 418KB

.data
Size: 24KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 4KB