Static task: static1
Behavioral task: behavioral1
Sample: dda1352555f36e2bc04845cb57f27cc565a6d6291f39e75fd98fa202e3833bdd.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: dda1352555f36e2bc04845cb57f27cc565a6d6291f39e75fd98fa202e3833bdd.exe
Resource: win10v2004-20230220-en
General
Target: 10246966215.zip
Size: 125KB
MD5: 25ec0d268af7a74a56746777abc0fcc5
SHA1: 216f8c64d397b57cb4c92dd1f3b0f030a2dbc16d
SHA256: c4d9511d4333167ff97f100d7468363655faaef38bb6c629ff21d9ba96cbb371
SHA512: 8f224c8ff5d484160c5ca0dbf35bb1b2fbf631f2690f1e2b24a33c659a8b30a3c69405a8a24be0a12b1631b5d98423e46057bed92fa1a42689317f0bff133baf
SSDEEP: 3072:Wmty7Z72fBFiXzPc7HaHzQihgWhFVSgf+uAeosCqya:Wgy7Z72fBFijya0ih7VXfCe+qya
Malware Config
Signatures
Files
-
10246966215.zip.zip
Password: infected
-
dda1352555f36e2bc04845cb57f27cc565a6d6291f39e75fd98fa202e3833bdd.exe windows x86
Password: infected
a2a2c7a9980b07fe1610b5dfaa3cac31
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeSListHead
InterlockedPopEntrySList
lstrcpyW
LocalFree
GetFileSizeEx
SetEndOfFile
GetLastError
SetFilePointerEx
MoveFileExW
GlobalAlloc
GlobalFree
FindFirstFileW
FindFirstVolumeW
SetPriorityClass
GetCommandLineW
FindNextFileW
GetCurrentProcess
WaitForMultipleObjects
GetEnvironmentVariableW
FindClose
CreateMutexA
WaitForSingleObject
GetFileAttributesW
ReleaseMutex
lstrcatA
MapViewOfFile
GetLogicalDriveStringsW
lstrcatW
GetSystemInfo
CreateThread
SetVolumeMountPointW
FindVolumeClose
CreateProcessW
CopyFileW
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
lstrcmpiW
GetDriveTypeW
GetExitCodeProcess
EnterCriticalSection
WriteFile
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SetFilePointer
DeleteCriticalSection
lstrcpynA
GetComputerNameW
GetSystemTime
DecodePointer
WriteConsoleW
GetConsoleMode
InterlockedPushEntrySList
CreateFileMappingW
CloseHandle
InterlockedFlushSList
UnmapViewOfFile
CreateFileW
lstrlenA
lstrcpynW
lstrlenW
ReadFile
QueryPerformanceCounter
SetFileAttributesW
Sleep
GetConsoleCP
FlushFileBuffers
GetProcessHeap
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetModuleHandleExW
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetACP
HeapAlloc
HeapFree
GetFileType
CompareStringW
LCMapStringW
HeapReAlloc
HeapSize
GetStringTypeW
CreateProcessA
GetFileAttributesExW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
VirtualQuery
user32
wsprintfW
wsprintfA
advapi32
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
RegOpenKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
AllocateAndInitializeSid
SetEntriesInAclW
SetNamedSecurityInfoW
FreeSid
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
shell32
SHChangeNotify
CommandLineToArgvW
ShellExecuteExW
mpr
WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
Sections
.text Size: 132KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ