44ee2445a8afa4123bd2edb2bcbe258f8c344f73fda88d03097e22a7928d313d[.]zip

General

Target

44ee2445a8afa4123bd2edb2bcbe258f8c344f73fda88d03097e22a7928d313d.zip
Size

5.5MB
MD5

3f359c2767aaaae98e0ccf925ab9e89e
SHA1

93fa9a2c5a45b16711a866090496475da5c98fe3
SHA256

d87d48f838b62df7473d5eb2ec8da861bd470f370040a933ce283444d39e8b50
SHA512

e63ba32b24c1f1ed8637500beecc6894a2a6d030979e34b6380328249eca294bd195797b1a9e12a9df30d4bdabc50f910be302a45af2a8a4dfa7e3ebc75063bf
SSDEEP

98304:Xw9vgCpi8mVh1gPXBxDgYNJ6IazJApStxhiKFAhRBf1S8CoQ4Pz/hZ5w:X0vZi8mVnsX35Y1dF+b1RCm5Z5w

Score

1^/10

44ee2445a8afa4123bd2edb2bcbe258f8c344f73fda88d03097e22a7928d313d.zip
.zip

Password: infected
44ee2445a8afa4123bd2edb2bcbe258f8c344f73fda88d03097e22a7928d313d.exe
.exe windows x86

Password: infected

31a14226d3e64a75d1fc504da54b963c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance

wtsapi32

WTSSendMessageW

Sections

.MPRESS1
Size: 5.3MB - Virtual size: 13.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 257KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE