Static task
static1
Behavioral task
behavioral1
Sample
9a9b94e04c97df3b3df7ef20da36b11bf782a2b20db806c227612c44124d6bb3.exe
Resource
win10v2004-20230220-en
General
Target
pc.exe_pw_infected.zip
Size
460KB
MD5
7616088039fe427cbad51f91ad8b3792
SHA1
ca6cd14d39e57b88488293556eb0f604a1d22b1c
SHA256
412233f79cd754216f3275cffede5f60fb45adf277ae5ef12f8d8c58d7522e25
SHA512
d8720cb6e8b1701de73bc5b6d7bd622101cbbe3ec493a5d25bb085e7a66e794632108ff714dbaf3e0cb1abaa75fbd02d060c655d395dfe2ea8e8fdcb59d0d14b
SSDEEP
12288:F4AuGigNXHg1sRHuKnO186VUuQEDjBhulC22uTfQSSpF:F4AyeXHgOlzOO6VUxqjzTEQSKF
Malware Config
Signatures
Files
pc.exe_pw_infected.zip.zip
Password: infected
9a9b94e04c97df3b3df7ef20da36b11bf782a2b20db806c227612c44124d6bb3.exe windows x64
1e9b98fe56584aa1a9facc45399a3951
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetModuleHandleA
GetProcAddress
GetLastError
GetModuleFileNameW
DeleteFileW
WideCharToMultiByte
HeapAlloc
HeapFree
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
CloseHandle
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
Sleep
LoadLibraryA
InitializeCriticalSection
CreateFileW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapReAlloc
HeapSize
SetEndOfFile
ReadFile
CreateFileA
advapi32
CryptDestroyKey
CryptImportKey
CryptReleaseContext
CryptSetKeyParam
CryptAcquireContextW
CryptDecrypt
Sections
.text Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 421KB - Virtual size: 429KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ