ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.zip
Size

175KB
MD5

5d0700f832a28a2895503331b2e5d698
SHA1

865989651fabfcf400ea47ae4ef62d535fa5df66
SHA256

e502ab67fc8523b5e169dee912eda356ac534415ea4f7e7feb2551de99becd22
SHA512

9b40da2533f829389bf4a86bd070e155e34f5df5612483180e9c238ad5827b16095dfcdc340dcd3fa72e26fe32e06ab0fec06999ec74bb1f594932fbc905af0c
SSDEEP

3072:D2Yl6TJqhIMsYxTEZ/g7NPXuVmfTAJeaGz1FCYYIHoFOCU7lX:D2RIqMTTO/SCm7AJYHIFO9B

Score

1^/10

Malware Config

Signatures

Files

ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.zip
.zip

Password: infected
ca087f46f97cd465f46e4ccb04181e6eae7b2c751ae7fd9e262191b979728ccc.exe
.exe windows x86

Password: infected

cdadd24365a6c20de1ab1c7bb5385624

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarI8FromR8

user32

WindowFromDC
ActivateKeyboardLayout
DdeEnableCallback
SetClassWord
ShowCaret
WaitMessage
GetSysColorBrush
IsWindow
GetForegroundWindow
GetSysColor
VkKeyScanW

kernel32

GetProcAddress
GetModuleHandleA
SetConsoleWindowInfo
GetNumaNodeProcessorMask
GetVersion
GlobalFree
GetCommandLineA
GetSystemTime
TlsGetValue
GetConsoleDisplayMode
FreeUserPhysicalPages
SetUserGeoID
WriteTapemark

shlwapi

StrChrNW
ord215
StrCmpLogicalW

gdi32

SetArcDirection
PlayMetaFileRecord
Escape

advapi32

SetSecurityDescriptorControl
RegGetKeySecurity
IsValidSecurityDescriptor
EnumServicesStatusW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

cdadd24365a6c20de1ab1c7bb5385624

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

kernel32

shlwapi

gdi32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.idata Size: 40KB - Virtual size: 36KB

.data Size: 48KB - Virtual size: 47KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 88KB - Virtual size: 86KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 716B

.text
Size: 12KB - Virtual size: 11KB

.idata
Size: 40KB - Virtual size: 36KB

.data
Size: 48KB - Virtual size: 47KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 88KB - Virtual size: 86KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 716B