10716597643[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

10716597643.zip
Size

415KB
MD5

78ca852c98a473c913738a0ec10f9914
SHA1

2dd5f380feba809d4dfae8420a8479187ae56f4e
SHA256

95d7a966200b30121b5964fb4a36e3fe1163b2d36c22e20610ba70c2e888eac4
SHA512

ed0b16c85028d83a34f7e2d284488a4d9b155867e0ac5dcfd8d3141c177dab235881e92094a9a3d8fdcf5b146c6d2861e560036a668ca2a91289e4ab69bb7aa4
SSDEEP

12288:ZovssHGHaYQF45o8mJhOzgg3dk8OYV7L/qV+8ASVL5:ZokP6YQyZmPgPT7V7LiV+8AaN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ad50021c4feecd16112d82b43a9e70e2b6474601ed74840538b866d15ef116d5

Files

10716597643.zip
.zip

Password: infected
ad50021c4feecd16112d82b43a9e70e2b6474601ed74840538b866d15ef116d5
.dll windows x64

3658a23c85668c8f2fe18e3361239959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteTimerQueueEx
GetUserDefaultUILanguage
CompareStringOrdinal
SetSystemFileCacheSize
LockFile
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
Wow64GetThreadContext
SetSystemTime
SetErrorMode
SetFilePointer
InitOnceInitialize
TryAcquireSRWLockShared
EnumUILanguagesW
GetCompressedFileSizeW
GetNumaProcessorNode
GetConsoleTitleW
FlsGetValue
WriteFileEx
SetEndOfFile
WaitForThreadpoolIoCallbacks
CreateBoundaryDescriptorW
PeekNamedPipe
FatalExit
GetTempPathW
SystemTimeToTzSpecificLocalTimeEx
CreateHardLinkW
FindClose
GetLocaleInfoW
WaitForSingleObject
LocalAlloc
GetFileAttributesW
GetNumberFormatEx
FreeLibraryAndExitThread
GetFileAttributesTransactedW
OpenJobObjectW
DebugActiveProcessStop
OpenEventW
EnumSystemCodePagesW
UnregisterApplicationRecoveryCallback
OpenFileMappingW
CancelThreadpoolIo
GetUserPreferredUILanguages
GetCommTimeouts
ApplicationRecoveryFinished
SetupComm
SetSearchPathMode
HeapWalk
IsBadCodePtr
CallbackMayRunLong
QueryMemoryResourceNotification
GetUILanguageInfo
ContinueDebugEvent
Wow64EnableWow64FsRedirection
UnmapViewOfFile
HeapValidate
PrepareTape
GetSystemDefaultLocaleName
DisconnectNamedPipe
OpenProcess
GetVersion
SetProcessMitigationPolicy
CloseThreadpoolWait
GetNamedPipeInfo
QueueUserWorkItem
GetLogicalDriveStringsW
EndUpdateResourceW
CreateEventW
MultiByteToWideChar
ResolveLocaleName
SetTapeParameters
QueryThreadProfiling
BuildCommDCBAndTimeoutsW
WritePrivateProfileStructW
GetDurationFormat
CancelSynchronousIo
LocalFileTimeToFileTime
PowerCreateRequest
GetDevicePowerState
LCMapStringEx
MoveFileWithProgressW
SetCalendarInfoW
GetMaximumProcessorCount
Wow64RevertWow64FsRedirection
GetLastError
GetCurrencyFormatEx
WaitForThreadpoolWaitCallbacks
EscapeCommFunction
GetConsoleAliasesLengthW
SetThreadpoolThreadMaximum
SetConsoleCursorInfo
GetConsoleProcessList
AddResourceAttributeAce
OutputDebugStringW
GetMaximumProcessorGroupCount
SetThreadpoolTimerEx
FlushViewOfFile
CreateFileA
FileTimeToSystemTime
CloseThreadpoolTimer
DisableThreadLibraryCalls
ReadConsoleOutputW
InterlockedFlushSList
InitOnceComplete
AcquireSRWLockExclusive
GetActiveProcessorGroupCount
GetNumaProximityNodeEx
SetWaitableTimerEx
DefineDosDeviceW
EnumResourceNamesExW
GetCommState
CreateHardLinkTransactedW
InterlockedPushListSListEx
TransmitCommChar
MoveFileTransactedW
HeapReAlloc
CloseHandle
WriteConsoleOutputAttribute
CreateThreadpoolCleanupGroup
GetProcessIoCounters
SetThreadpoolTimer
ReleaseMutexWhenCallbackReturns
AllocateUserPhysicalPagesNuma
CompareStringEx
GetSystemInfo
BindIoCompletionCallback
QueryProcessCycleTime
ReadFileEx
CreateThreadpoolTimer
ResetEvent
SetComputerNameW
GetActiveProcessorCount
LoadResource
DeleteProcThreadAttributeList
FindResourceW
EnumDateFormatsExW
GlobalFindAtomW
HeapAlloc
Wow64SuspendThread
ClearCommError
DeleteSynchronizationBarrier
QueueUserAPC
FatalAppExitW
GetConsoleOriginalTitleW
GetUserGeoID
GetNLSVersionEx
GetCurrentDirectoryW
GetProcessPreferredUILanguages
SetStdHandle
CreateJobObjectW
GetOverlappedResult
CloseThreadpoolIo
SwitchToThread
GetNamedPipeServerProcessId
AddVectoredExceptionHandler
FindNextFileNameW
HeapDestroy
GetNamedPipeClientSessionId
LocalSize
GetDurationFormatEx
DeleteFileTransactedW
WriteConsoleW
SetProcessDEPPolicy
Beep
GetProcAddress
SetFilePointerEx
VirtualAllocEx
UnregisterWaitEx
DebugActiveProcess
GetProcessorSystemCycleTime
GetOverlappedResultEx
SetDefaultCommConfigW
CreateMemoryResourceNotification
DeleteCriticalSection
ExitProcess
FindAtomW
ReadProcessMemory
SetProtectedPolicy
GetCurrentProcessId
CopyFile2
EnumSystemLocalesW
GetProcessHeap
SystemTimeToFileTime
GlobalMemoryStatusEx
SetThreadExecutionState
IsValidLocale
FreeLibrary
SetFirmwareEnvironmentVariableExW
CreateSemaphoreW
IsValidLanguageGroup
CopyFileW
SetThreadpoolStackInformation
WideCharToMultiByte
CreateSymbolicLinkW
GetConsoleWindow
SetCommBreak
lstrcpyW
WinExec
CreateRemoteThread
SleepConditionVariableSRW
RemoveVectoredContinueHandler
GetThreadTimes
BeginUpdateResourceW
SystemTimeToTzSpecificLocalTime
FreeUserPhysicalPages
CommConfigDialogW
LocalReAlloc
GetTempFileNameW
CreateProcessA
ConvertFiberToThread
GetFileType
AddAtomW
TerminateJobObject
DeleteTimerQueueTimer
QueryIdleProcessorCycleTime
EnumSystemFirmwareTables
SetFileApisToANSI
Wow64GetThreadSelectorEntry
GlobalMemoryStatus
SetThreadErrorMode
IsBadReadPtr
SetProcessWorkingSetSize
CreateFileMappingW
BackupRead
GetTapeStatus
InterlockedPushEntrySList
SetConsoleCursorPosition
SetThreadPreferredUILanguages
MapViewOfFile
GetSystemWindowsDirectoryW
SetThreadContext
FindNextVolumeW
lstrcmpiW
GetProcessGroupAffinity
CreateMailslotW
GetDateFormatW
OpenMutexW
FindNextStreamW
GetEnvironmentStringsW
WaitNamedPipeW
GetTimeZoneInformationForYear
GlobalUnlock
SetCommConfig
GetCalendarInfoEx
AllocConsole
SetTapePosition
WriteConsoleOutputW
GetProcessHandleCount
SetConsoleTitleW
MoveFileW
IsWow64Process
CreateFiber
GetVolumeInformationByHandleW
GetFileTime
OpenThread
GenerateConsoleCtrlEvent
ConnectNamedPipe
DebugSetProcessKillOnExit
WriteConsoleOutputCharacterW
IsBadStringPtrW
FlushFileBuffers
GetCurrentConsoleFont
FileTimeToDosDateTime
RegisterApplicationRecoveryCallback
CreateThreadpoolWork
HeapSize
CreateFileW
FreeEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetUserDefaultLCID
LCMapStringW
GetConsoleOutputCP
GetStdHandle
ReadConsoleW
GetConsoleMode
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
RtlUnwindEx
TerminateProcess
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SignalObjectAndWait
LocalHandle
GetNumaNodeNumberFromHandle
Wow64SetThreadContext
GetUserDefaultLocaleName
SetConsoleWindowInfo
SetThreadUILanguage
GetThreadSelectorEntry
GetThreadLocale
CreateThreadpoolIo
GetModuleFileNameW
SetFileTime
HeapLock
PrefetchVirtualMemory
GetProfileIntW
VirtualAlloc
SetFileBandwidthReservation
GetStringTypeExW
RtlPcToFileHeader
GetPrivateProfileIntW
SetCurrentConsoleFontEx
GetShortPathNameW
CreatePrivateNamespaceW
ExpandEnvironmentStringsW
SetTimeZoneInformation
GetModuleHandleExW
RemoveDllDirectory
RegisterWaitForSingleObject
TryAcquireSRWLockExclusive
lstrcpynW
GetThreadIdealProcessorEx
TzSpecificLocalTimeToSystemTimeEx
WriteFile
SetDynamicTimeZoneInformation
EnumResourceTypesW
ReleaseSemaphore
EnumCalendarInfoW
GetProcessDEPPolicy
CreateWaitableTimerW
SetProcessAffinityMask
GetCurrentProcess
FindNLSString
FindNextFileW
SetSystemPowerState
IsDBCSLeadByteEx
FindVolumeMountPointClose
EnumCalendarInfoExEx
CreateTapePartition
GetHandleInformation
GetSystemTimeAdjustment
VirtualFree
EnterCriticalSection
SetLocalTime
RtlCaptureContext
AddDllDirectory
FindFirstFileNameW
SetConsoleTextAttribute
GetProfileSectionW
CreateEventExW
SetLastError
HeapFree
CopyFileTransactedW
VirtualProtect
FindFirstVolumeW
GetConsoleAliasesW
SetWaitableTimer
SetProcessAffinityUpdateMode
NeedCurrentDirectoryForExePathW
GetBinaryTypeW
FindFirstFileExW
EnumResourceLanguagesExW
WritePrivateProfileStringW
HeapCreate
CreateThreadpool
GetProcessShutdownParameters
GetNumaAvailableMemoryNodeEx
InitOnceExecuteOnce
GetFileSizeEx
InitOnceBeginInitialize
SetThreadLocale
NotifyUILanguageChange
StartThreadpoolIo
SetNamedPipeHandleState
CloseThreadpoolWork
QueryThreadpoolStackInformation
CancelIo
SetInformationJobObject
GetVolumeInformationW
EnumTimeFormatsW
GetConsoleAliasExesLengthW
SetConsoleCtrlHandler
SetConsoleHistoryInfo
SetFileIoOverlappedRange
BackupWrite
SizeofResource
GetProcessWorkingSetSizeEx
IsValidNLSVersion
ReadFile
EnterSynchronizationBarrier
GetCPInfoExW
CreateDirectoryW
GetNumaHighestNodeNumber
SetProcessPriorityBoost
UpdateResourceW
AreFileApisANSI
InitializeCriticalSectionEx
EncodePointer
DecodePointer
GetStringTypeW
GetCPInfo
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind

user32

UnregisterHotKey
LoadMenuW
GetGuiResources
CreateWindowExW
ScreenToClient
PrivateExtractIconsW
DestroyCursor
GetClassLongPtrW
SetTimer
GetMenuCheckMarkDimensions
CopyRect
GetKeyboardLayoutNameW
SetMenuItemInfoW
SetCoalescableTimer
IsProcessDPIAware
CreateDialogParamW
MessageBoxA
GetSysColor
UnhookWindowsHookEx
GetTitleBarInfo
FlashWindow
SetLayeredWindowAttributes
IntersectRect
IsCharAlphaNumericW
EndDeferWindowPos
EnableScrollBar
SwitchDesktop
GetComboBoxInfo
GetMenuItemRect
DdeFreeStringHandle
GetAncestor
SendDlgItemMessageW

gdi32

GetNearestColor
CancelDC
AddFontMemResourceEx
CreateCompatibleBitmap
PolylineTo
Pie
StartPage
GetDCPenColor
SetDIBColorTable
RectVisible
SetBoundsRect
CreateICW
GetTextExtentExPointW
GetLayout
EnumFontFamiliesExW
SetGraphicsMode
FloodFill
FrameRgn
PolyPolyline
GetClipRgn
GetTextFaceW
AbortDoc
GetColorAdjustment
GetStretchBltMode
BeginPath
GetPaletteEntries
GetMetaFileW
PlgBlt
CreateHatchBrush
Chord
GetEnhMetaFileW
PlayEnhMetaFile
StretchDIBits
UpdateColors
CopyEnhMetaFileW
SetSystemPaletteUse
SetLayout
GetTextCharset
SetWindowOrgEx
GetNearestPaletteIndex
PolyBezierTo
GetCurrentPositionEx
CreateRoundRectRgn
PolyBezier
PolyDraw
PlayMetaFileRecord
GetBitmapBits
CreateDIBPatternBrushPt
CreateEnhMetaFileW
GetWinMetaFileBits
SetMiterLimit
GetTextCharsetInfo
DeleteEnhMetaFile
PlayEnhMetaFileRecord
StrokePath
StrokeAndFillPath
GetDeviceCaps
GetTextMetricsW
GetTextAlign
OffsetRgn
SetPixelV
GetBoundsRect
PolyPolygon
GetFontData
AngleArc
GetMetaRgn
AddFontResourceW
GetEnhMetaFileBits
DrawEscape
ExtCreatePen
OffsetWindowOrgEx
CreateDiscardableBitmap
GetTextExtentPointI
GetGlyphIndicesW
GetRasterizerCaps
CreatePalette
GetCharABCWidthsW
CombineTransform
SetDIBits
GetTextColor
SetDCBrushColor
ExcludeClipRect
SetBkColor
RestoreDC
CreatePenIndirect
EnumObjects
SetMapMode
SetROP2
GetRandomRgn
GetCharWidthI
Escape
GdiComment
GetMapMode
GetMetaFileBitsEx
RoundRect
ExtTextOutW
GetRgnBox
CreateDIBPatternBrush
EndPage
GetViewportOrgEx
TranslateCharsetInfo
SetWorldTransform

crypt32

CryptStringToBinaryA

Exports

Exports

PartitionWizardEntryPoint
Sopisdoigadiufgaeuhf
Wpodfaodfjkoaejfidagfh

Sections

.text
Size: 459KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

3658a23c85668c8f2fe18e3361239959

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

crypt32

Exports

Exports

Sections

.text Size: 459KB - Virtual size: 458KB

.data Size: 316KB - Virtual size: 322KB

.pdata Size: 29KB - Virtual size: 28KB

_RDATA Size: 1024B - Virtual size: 244B

.kdata Size: 94KB - Virtual size: 93KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 459KB - Virtual size: 458KB

.data
Size: 316KB - Virtual size: 322KB

.pdata
Size: 29KB - Virtual size: 28KB

_RDATA
Size: 1024B - Virtual size: 244B

.kdata
Size: 94KB - Virtual size: 93KB

.reloc
Size: 3KB - Virtual size: 2KB