272b6a17a8a58a5e75bfdbf88290b0cabd871d72e9cc1dafc7f38a35776495e5[.]zip

General

Target

272b6a17a8a58a5e75bfdbf88290b0cabd871d72e9cc1dafc7f38a35776495e5.zip
Size

629KB
MD5

05fa686b4fc23c788f52d42d2f73d280
SHA1

70367556431a175d5840f430f324a4f3c6599fbd
SHA256

6c24e56ae6bd021a81d11c18e9805b4fcbe7d6c628937e0409a2efca88ff9603
SHA512

dcf886df80f52502731239c1f4e9f950961986399449e0d42ff98c8208684822be49252f98f3ed8338e5f8af270fc1ccc4045794d615463bc0be23ac71542b65
SSDEEP

12288:pywqtj7BiNgwAfLq4CfiyMmLFXG0S+SQl3Yl2rwTEuqj5DH0o83870nIu:kZj9ibAG4CfR9hGySg1wIDH0xIK

Score

1^/10

272b6a17a8a58a5e75bfdbf88290b0cabd871d72e9cc1dafc7f38a35776495e5.zip
.zip

Password: infected
272b6a17a8a58a5e75bfdbf88290b0cabd871d72e9cc1dafc7f38a35776495e5.exe
.exe windows x86

Password: infected

79420f1baa63b40963b5cae8cd85925b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rsaenh

CPDecrypt
CPEncrypt
CPCreateHash
CPDeriveKey

kernel32

GetCurrentThreadId
LoadLibraryExW
WriteConsoleW
GetShortPathNameW
SetLastError
HeapReAlloc
VirtualAlloc
OpenFileMappingW
CreateSemaphoreA
LoadLibraryA
CreateThread
OpenMutexA
lstrcmp
FindClose

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ