ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1.zip
Size

507KB
MD5

f073cd12e2baa9d265018cf65476692c
SHA1

8e57a4a770afdceab82c65ccd68ad42a7336c0d1
SHA256

41b88d86f1edce5ff233e6517a49486bd4fa572edf6561ef187c765916c1c3af
SHA512

552327180b75fa20ffd6e3c19bf7dc49b52bc795d300ed8dedcb5652361302d38126b84060a88c45333889d90450dda9165daccf61de8f0ea84fa313117522ea
SSDEEP

12288:6CoYJJYROCG8VhhqBn8OItiXNF7qxLm2wbNs6:6CoY4ROCGUMBn37XNcdmXps6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1

Files

ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1.zip
.zip

Password: threatbook
ab91e4803417bc6c3414ce4ac7f80f181d742d79e8756d64ca4833bef0ac9ff1
.exe windows x86

Password: threatbook

ae7676f7f80583c6281d6acc0b28e083

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkColor
GetObjectA
GetStockObject
DeleteObject
SetBkMode
SetTextColor
CreateFontIndirectA
SelectObject

user32

DestroyMenu
CreatePopupMenu
AppendMenuA
SendDlgItemMessageA
GetDlgItem
GetWindowLongA
ClientToScreen
GetCursorPos
SendMessageA
GetDlgItemTextA
wsprintfA
MessageBoxA
LoadCursorA
GetActiveWindow
CheckDlgButton
SetWindowTextA
IsDlgButtonChecked
SetWindowLongA
CallWindowProcA
GetClassInfoA
CloseClipboard
GetClipboardData
EnumClipboardFormats
SetDlgItemTextA
EndDialog
RegisterClassA
DefDlgProcA
SetActiveWindow
SetMenuItemInfoA
CheckMenuItem
GetMenu
InsertMenuItemA
SetWindowPlacement
SetTimer
GetSystemMenu
MoveWindow
GetClientRect
PostQuitMessage
DestroyWindow
DestroyIcon
KillTimer
GetSysColor
CheckMenuRadioItem
EnableMenuItem
CharLowerBuffA
GetWindowPlacement
SetDlgItemInt
GetSubMenu
IsMenu
GetWindowRect
CreateDialogParamA
DestroyCursor
PostMessageA
ChildWindowFromPoint
InvalidateRect
RemoveMenu
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
OpenClipboard
CharUpperA
SetFocus
SetClipboardData
EmptyClipboard
LoadIconA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
DialogBoxParamA
GetSysColorBrush
SetCursor
UnregisterClassA
CheckRadioButton
IsWindow
GetSystemMetrics
EnableWindow
GetWindowTextA
RedrawWindow
FindWindowA
SetWindowPos
wvsprintfA
TrackPopupMenu

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
Sleep
GetModuleHandleW
SetUnhandledExceptionFilter
GetCommandLineA
FreeConsole
GetVersion
GetProcAddress
GetModuleHandleA
AreFileApisANSI

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J!a
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: threatbook

Password: threatbook

ae7676f7f80583c6281d6acc0b28e083

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 209KB - Virtual size: 209KB

.data Size: 3KB - Virtual size: 6KB

.J!a Size: 544KB - Virtual size: 543KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 209KB - Virtual size: 209KB

.data
Size: 3KB - Virtual size: 6KB

.J!a
Size: 544KB - Virtual size: 543KB

.reloc
Size: 2KB - Virtual size: 2KB