照片#@l[.]zip[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

照片#@l.zip.7z
Size

837KB
MD5

8223b8780a1320e0ffb8cec27c7c0686
SHA1

950f85b6d03588c50ad40d20136d977eb34bcabb
SHA256

a7797064a8f83614b58ae4ab981682abef76dac8844b9e166e78e2bb47d3e704
SHA512

df38d764c5f81cc50f8cc94fb14605c8fdbc2f26d4ee86f51369099d7fc37ee9bb6e6baf7a2708dd770565b68705b25eaa0fb9a6cd0ae29c52c47c9173d1b25a
SSDEEP

12288:2+lHvzyfH7WtFQK4a/W6WVeduHq9fLQ70YYHRUh3fAVBdOcHYgJDNNLz1LV5B7hd:2+xI7WtFBw3HYKaRUupHdJxNLz1p7h

Score

1^/10

Malware Config

Signatures

Files

照片#@l.zip.7z
.7z

Password: infected
ç§ç#@l.zip
.zip
照片#@l.exe
.exe windows x64

814a48484858760f96dcfd6f150e7032

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetUnhandledExceptionFilter

user32

wsprintfW

advapi32

CryptAcquireContextW

bcrypt

BCryptGenRandom

ws2_32

bind

wldap32

ord127

Sections

.text
Size: - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 909KB - Virtual size: 909KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

814a48484858760f96dcfd6f150e7032

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

bcrypt

ws2_32

wldap32

Sections

.text Size: - Virtual size: 617KB

.rdata Size: - Virtual size: 154KB

.data Size: - Virtual size: 14KB

.pdata Size: - Virtual size: 30KB

_RDATA Size: - Virtual size: 512B

.text Size: - Virtual size: 355KB

.data Size: - Virtual size: 29KB

.text Size: 909KB - Virtual size: 909KB

.data Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 104B

.rsrc Size: 325KB - Virtual size: 325KB

.text
Size: - Virtual size: 617KB

.rdata
Size: - Virtual size: 154KB

.data
Size: - Virtual size: 14KB

.pdata
Size: - Virtual size: 30KB

_RDATA
Size: - Virtual size: 512B

.text
Size: - Virtual size: 355KB

.data
Size: - Virtual size: 29KB

.text
Size: 909KB - Virtual size: 909KB

.data
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 104B

.rsrc
Size: 325KB - Virtual size: 325KB