Static task
static1
Behavioral task
behavioral1
Sample
3fe9192d920b89dc62dc264e7b2647920b902fde5cd2f2c960f4b493b1f89d47.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3fe9192d920b89dc62dc264e7b2647920b902fde5cd2f2c960f4b493b1f89d47.exe
Resource
win10v2004-20230220-en
General
Target: 9781415336.zip
Size: 380KB
Malware Config
Signatures
Files
-
9781415336.zip.zip
Password: infected
-
3fe9192d920b89dc62dc264e7b2647920b902fde5cd2f2c960f4b493b1f89d47.exe windows x86
Password: infected
14d015e74f1cd4f74cd6e34e5843530f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexW
OpenMutexW
GetTickCount
GetModuleFileNameW
lstrcmpW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetVolumeInformationW
GetVolumePathNamesForVolumeNameW
CreateFileW
WriteFile
CloseHandle
GetLastError
ReadFile
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
WaitForSingleObject
CreateThread
MoveFileW
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
SetStdHandle
FindNextFileW
FindFirstFileW
GetFileSizeEx
FindClose
WaitForSingleObjectEx
Sleep
GetCurrentThreadId
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
RaiseException
RtlUnwind
InterlockedPushEntrySList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetStdHandle
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
HeapReAlloc
HeapSize
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
WriteConsoleW
advapi32
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
Sections
.text Size: 615KB - Virtual size: 614KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 130KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ