81c85319217d31eca7968a889105cac75ef32be409978dba5bdfe47cbe8ff485[.]zip

General

Target

81c85319217d31eca7968a889105cac75ef32be409978dba5bdfe47cbe8ff485.zip
Size

225KB
MD5

b0c9f1729233575482694b9795cb5104
SHA1

b3f09e1f8e68a58241bdf5e603333772bfc53de7
SHA256

2001025a3143d7abba7e9ec79a2d02f90bd20367713bf52ee3517467c2649bd8
SHA512

d8e9dcba0af591ccb271175149118f6fcd58f12fd751342ae05274c95b405bbe5c09946fd03f4c6b6391c6272a0f3301f3a012813207f74445523dbbd0ec18ec
SSDEEP

3072:rjtwDpQteRfnx+iZf9721VrSEWi9YOtTAZRG8Ht2DcxRQ8etz64KLGBbp3:H+DKteRfnbXyVrSExjx+RG8N2M6eLS

Score

1^/10

Malware Config

Signatures

Files

81c85319217d31eca7968a889105cac75ef32be409978dba5bdfe47cbe8ff485.zip
.zip

Password: infected
81c85319217d31eca7968a889105cac75ef32be409978dba5bdfe47cbe8ff485.exe
.exe windows x86

Password: infected

968a092109bf8f70bb4ad85cbbbcc09a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertCloseStore
CertFindCRLInStore
CertVerifyRevocation
CryptMemFree
CertGetNameStringW
CertOIDToAlgId
CertCreateCRLContext
CertAddCTLContextToStore
CertEnumPhysicalStore
CertFindChainInStore
CryptSignCertificate

dbnmpntw

ConnectionVer
ConnectionClose

shlwapi

UrlIsNoHistoryA
UrlHashA
PathCombineA
UrlCanonicalizeA
UrlUnescapeA
UrlCompareA
UrlGetLocationA
PathCompactPathA
UrlCreateFromPathA
PathIsRootA
UrlEscapeA
UrlCombineW

msimg32

vSetDdrawflag
TransparentBlt

kernel32

GetConsoleAliasA
ReleaseMutex
GetBinaryTypeA
CreateNamedPipeW
GetShortPathNameA
CreateSemaphoreW
RemoveDirectoryW
WaitForSingleObjectEx
GetEnvironmentVariableA
HeapCreate
LoadLibraryExA
IsBadReadPtr
GetCurrentDirectoryW
lstrlenW
FindFirstFileW
GetProfileIntW
GetProcAddress
LoadLibraryA

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: - Virtual size: 256B

IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

968a092109bf8f70bb4ad85cbbbcc09a

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

dbnmpntw

shlwapi

msimg32

kernel32

Sections

.text Size: 251KB - Virtual size: 251KB

.data1 Size: - Virtual size: 256B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 251KB - Virtual size: 251KB

.data1
Size: - Virtual size: 256B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB