Malware-1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Malware-1.zip
Size

206KB
MD5

2a6f7e567b22702aac57436ecd2cbc24
SHA1

aa0634bad5539dd5ddd269ca7d04ccf02e874021
SHA256

37d083baede4e8d9e52e9ffc1cc0d96baff8090f3eb976b93389e7578bb43466
SHA512

d858472bb379ee202ef8aee1160822abd697e134cd8d0f1a637be111174c60dce6e9e3387fcd5c5571791a54f4840feb2e74cfd722dd2700a35a821319ce6e49
SSDEEP

3072:VOmdYjoFxzPzWOgh7wmVidZQPay45aaka7KFcxLTyPxYYiyfA5yIA:gwhPEUmViIS1oax7KFy/yZI5yIA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/394.png

Files

Malware-1.zip
.zip
394.png
.dll windows x64

5fffeda02919d6aa1f77a0a9fd2c681a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
GetFileSizeEx
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MapViewOfFile
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

Exports

Exports

togL10fromY
togL10toY
togL16fromY
togL16toY
togLuv24fromXYZ
togLuv24toXYZ
togLuv32fromXYZ
togLuv32toXYZ
tIFFAccessTagMethods
tIFFCIELabToRGBInit
tIFFCIELabToXYZ
tIFFCheckTile
tIFFCheckpointDirectory
tIFFCleanup
tIFFClientOpen
tIFFClientdata
tIFFClose
tIFFComputeStrip
tIFFComputeTile
tIFFCreateCustomDirectory
tIFFCreateDirectory
tIFFCreateEXIFDirectory
tIFFCreateGPSDirectory
tIFFCurrentDirOffset
tIFFCurrentDirectory
tIFFCurrentRow
tIFFCurrentStrip
tIFFCurrentTile
tIFFDataWidth
tIFFDefaultDirectory
tIFFDefaultStripSize
tIFFDefaultTileSize
tIFFDeferStrileArrayWriting
tIFFError
tIFFErrorExt
tIFFFaxBlackCodes
tIFFFaxBlackTable
tIFFFaxMainTable
tIFFFaxWhiteCodes
tIFFFaxWhiteTable
tIFFFdOpen
tIFFFieldDataType
tIFFFieldName
tIFFFieldPassCount
tIFFFieldReadCount
tIFFFieldTag
tIFFFieldWithName
tIFFFieldWithTag
tIFFFieldWriteCount
tIFFFileName
tIFFFileno
tIFFFillStrip
tIFFFillTile
tIFFFindCODEC
tIFFFindField
tIFFFlush
tIFFFlushData
tIFFFlushData1
tIFFForceStrileArrayWriting
tIFFFreeDirectory
tIFFGetBitRevTable
tIFFGetClientInfo
tIFFGetCloseProc
tIFFGetConfiguredCODECs
tIFFGetField
tIFFGetFieldDefaulted
tIFFGetMapFileProc
tIFFGetMode
tIFFGetReadProc
tIFFGetSeekProc
tIFFGetSizeProc
tIFFGetStrileByteCount
tIFFGetStrileByteCountWithErr
tIFFGetStrileOffset
tIFFGetStrileOffsetWithErr
tIFFGetTagListCount
tIFFGetTagListEntry
tIFFGetUnmapFileProc
tIFFGetVersion
tIFFGetWriteProc
tIFFInitCCITTFax3
tIFFInitCCITTFax4
tIFFInitCCITTRLE
tIFFInitCCITTRLEW
tIFFInitDumpMode
tIFFInitJBIG
tIFFInitJPEG
tIFFInitLERC
tIFFInitLZMA
tIFFInitLZW
tIFFInitNeXT
tIFFInitOJPEG
tIFFInitPackBits
tIFFInitPixarLog
tIFFInitSGILog
tIFFInitThunderScan
tIFFInitWebP
tIFFInitZIP
tIFFInitZSTD
tIFFIsBigEndian
tIFFIsByteSwapped
tIFFIsCODECConfigured
tIFFIsMSB2LSB
tIFFIsTiled
tIFFIsUpSampled
tIFFJPEGIsFullStripRequired
tIFFLastDirectory
tIFFMergeFieldInfo
tIFFNumberOfDirectories
tIFFNumberOfStrips
tIFFNumberOfTiles
tIFFOpen
tIFFOpenW
tIFFPredictorCleanup
tIFFPredictorInit
tIFFPrintDirectory
tIFFRGBAImageBegin
tIFFRGBAImageEnd
tIFFRGBAImageGet
tIFFRGBAImageOK
tIFFRasterScanlineSize
tIFFRasterScanlineSize64
tIFFRawStripSize
tIFFRawStripSize64
tIFFReadBufferSetup
tIFFReadCustomDirectory
tIFFReadDirectory
tIFFReadEXIFDirectory
tIFFReadEncodedStrip
tIFFReadEncodedTile
tIFFReadFromUserBuffer
tIFFReadGPSDirectory
tIFFReadRGBAImage
tIFFReadRGBAImageOriented
tIFFReadRGBAStrip
tIFFReadRGBAStripExt
tIFFReadRGBATile
tIFFReadRGBATileExt
tIFFReadRawStrip
tIFFReadRawTile
tIFFReadScanline
tIFFReadTile
tIFFRegisterCODEC
tIFFReverseBits
tIFFRewriteDirectory
tIFFScanlineSize
tIFFScanlineSize64
tIFFSetClientInfo
tIFFSetClientdata
tIFFSetCompressionScheme
tIFFSetDirectory
tIFFSetErrorHandler
tIFFSetErrorHandlerExt
tIFFSetField
tIFFSetFileName
tIFFSetFileno
tIFFSetMode
tIFFSetSubDirectory
tIFFSetTagExtender
tIFFSetWarningHandler
tIFFSetWarningHandlerExt
tIFFSetWriteOffset
tIFFSetupStrips
tIFFStripSize
tIFFStripSize64
tIFFSwabArrayOfDouble
tIFFSwabArrayOfFloat
tIFFSwabArrayOfLong
tIFFSwabArrayOfLong8
tIFFSwabArrayOfShort
tIFFSwabArrayOfTriples
tIFFSwabDouble
tIFFSwabFloat
tIFFSwabLong
tIFFSwabLong8
tIFFSwabShort
tIFFTileRowSize
tIFFTileRowSize64
tIFFTileSize
tIFFTileSize64
tIFFUnRegisterCODEC
tIFFUnlinkDirectory
tIFFUnsetField
tIFFVGetField
tIFFVGetFieldDefaulted
tIFFVSetField
tIFFVStripSize
tIFFVStripSize64
tIFFVTileSize
tIFFVTileSize64
tIFFWarning
tIFFWarningExt
tIFFWriteBufferSetup
tIFFWriteCheck
tIFFWriteCustomDirectory
tIFFWriteDirectory
tIFFWriteEncodedStrip
tIFFWriteEncodedTile
tIFFWriteRawStrip
tIFFWriteRawTile
tIFFWriteScanline
tIFFWriteTile
tIFFXYZToRGB
tIFFYCbCrToRGBInit
tIFFYCbCrtoRGB
tYZtoRGB24
tTIFFBuiltinCODECS
tTIFFCastUInt64ToSSize
tTIFFCheckFieldIsValidForCodec
tTIFFCheckMalloc
tTIFFCheckRealloc
tTIFFClampDoubleToFloat
tTIFFCreateAnonField
tTIFFDataSize
tTIFFDefaultStripSize
tTIFFDefaultTileSize
tTIFFFax3fillruns
tTIFFFillStriles
tTIFFFindOrRegisterField
tTIFFGetExifFields
tTIFFGetFields
tTIFFGetGpsFields
tTIFFMergeFields
tTIFFMultiply32
tTIFFMultiply64
tTIFFMultiplySSize
tTIFFNoPostDecode
tTIFFNoPreCode
tTIFFNoRowDecode
tTIFFNoRowEncode
tTIFFNoSeek
tTIFFNoStripDecode
tTIFFNoStripEncode
tTIFFNoTileDecode
tTIFFNoTileEncode
tTIFFPrintFieldInfo
tTIFFReadEncodedStripAndAllocBuffer
tTIFFReadEncodedTileAndAllocBuffer
tTIFFReadTileAndAllocBuffer
tTIFFRewriteField
tTIFFSeekOK
tTIFFSetDefaultCompressionState
tTIFFSetGetFieldSize
tTIFFSetupFields
tTIFFSwab16BitData
tTIFFSwab24BitData
tTIFFSwab32BitData
tTIFFSwab64BitData
tTIFFUInt64ToDouble
tTIFFUInt64ToFloat
tTIFFcalloc
tTIFFerrorHandler
tTIFFerrorHandlerExt
tTIFFfree
tTIFFgetMode
tTIFFmalloc
tTIFFmemcmp
tTIFFmemcpy
tTIFFmemset
tTIFFprintAscii
tTIFFprintAsciiTag
tTIFFrealloc
tTIFFsetByteArray
tTIFFsetDoubleArray
tTIFFsetFloatArray
tTIFFsetLongArray
tTIFFsetShortArray
tTIFFsetString
tTIFFwarningHandler
tTIFFwarningHandlerExt
tv_decode
vcab

Sections

.text
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RunDLL-1.bat
.bat .vbs

Sharing

General

Malware Config

Signatures

Files

5fffeda02919d6aa1f77a0a9fd2c681a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 310KB - Virtual size: 310KB

.data Size: 512B - Virtual size: 224B

.rdata Size: 173KB - Virtual size: 173KB

.pdata Size: 9KB - Virtual size: 9KB

.xdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 3KB

.edata Size: 7KB - Virtual size: 7KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 310KB - Virtual size: 310KB

.data
Size: 512B - Virtual size: 224B

.rdata
Size: 173KB - Virtual size: 173KB

.pdata
Size: 9KB - Virtual size: 9KB

.xdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 7KB - Virtual size: 7KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 20KB - Virtual size: 16KB