E[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

E.zip
Size

1.2MB
MD5

01c79ee9f52fe54112cf70f56a83e25b
SHA1

c87588df2d5d8ba0932155a168e9f3bc88b352cc
SHA256

3055256d8ef650861573ef9e1e2cce30e59f43cbf2014fe0b97989cb3436e17b
SHA512

46f054a5c21053b6715cbb4589132ef6ea68de09f91738af274cd939ff21912c4836c69a2aa02fa4d6cda222d6d5800aca8806cb84cec04e4f605adca3aa6f81
SSDEEP

24576:SKJLd/70PQl86uiK35zsN4SF7p/6eZ+rorp8B1osLIA1:kPK1FKZsNL56eEepM1/P

Score

1^/10

Malware Config

Signatures

Files

E.zip
.zip
400000.devmonsrv.exe
.exe windows x86

380f89c08765e2db71859db80bff821c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInterfaces

ws2_32

listen

bthprops.cpl

BluetoothFindDeviceClose

kernel32

GetOEMCP

user32

GetWindowLongW

winspool.drv

XcvDataW

advapi32

RegEnumKeyExW

shell32

SHGetKnownFolderPath

ole32

CoRegisterClassObject

oleaut32

SysAllocStringByteLen

rpcrt4

UuidCreateSequential

Sections

.text
Size: 960KB - Virtual size: 960KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
400000.obexsrv.exe
.exe windows x86

55bb4de0b520f4aafb2a6eca28c08c59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSQueryUserToken

ws2_32

socket

setupapi

CM_Get_DevNode_Status

bthprops.cpl

BluetoothEnumerateInstalledServices

kernel32

FlushFileBuffers

user32

PostThreadMessageW

advapi32

RegCloseKey

shell32

SHGetFileInfoW

ole32

CoTaskMemRealloc

oleaut32

RegisterTypeLi

Sections

.text
Size: 924KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dump_report.json
scan_report.json

Sharing

General

Malware Config

Signatures

Files

380f89c08765e2db71859db80bff821c

Headers

File Characteristics

Imports

setupapi

ws2_32

bthprops.cpl

kernel32

user32

winspool.drv

advapi32

shell32

ole32

oleaut32

rpcrt4

Sections

.text Size: 960KB - Virtual size: 960KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 204KB - Virtual size: 201KB

55bb4de0b520f4aafb2a6eca28c08c59

Headers

File Characteristics

Imports

wtsapi32

ws2_32

setupapi

bthprops.cpl

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 924KB - Virtual size: 924KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 200KB - Virtual size: 198KB

.text
Size: 960KB - Virtual size: 960KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 204KB - Virtual size: 201KB

.text
Size: 924KB - Virtual size: 924KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 200KB - Virtual size: 198KB