Static task
static1
General
-
Target
mxjUxT5EjBdf6EmsOnbAcL.zip
-
Size
2.9MB
-
MD5
88df04d88b96e81cd9a130bdf7d943eb
-
SHA1
394ca58e7d91a5f7bd43e1cb1ae30473ae339ee7
-
SHA256
be7df2aab1888a38b48442c56ce78053ca67b4ead51b5aacfef8064b5f926f2a
-
SHA512
d0e208e807870d27a93ba8cbe97327024343c8e5959fd5d375fec0add9cc71ebb08b1db4bae0ed3d33b0001f259c63e4cee207085bd091bd43ce49b8f0c254f3
-
SSDEEP
49152:Pq58Tg48JKvWTjYizBxX63lX3UT+j2PpZiH7+1DMHRQaABIDF6BXHHFLG:Py48kUUWM0T+j87gRwuZ6BXFq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/A imprimer SAVA.exe_
Files
-
mxjUxT5EjBdf6EmsOnbAcL.zip.zip
Password: unzip-me
-
A imprimer SAVA.exe_.exe windows x86
Password: unzip-me
7af2fe87a3ab930007d141d21c36ceda
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetFocus
MessageBoxA
msvcr90
_onexit
_decode_pointer
_lock
_invoke_watson
_strdup
_crt_debugger_hook
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
realloc
bsearch
qsort
memset
memcpy
fprintf
__iob_func
setbuf
getenv
atoi
malloc
free
strncmp
strrchr
__argv
__argc
strncpy
_snprintf
_stricmp
_except_handler4_common
_controlfp_s
kernel32
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
HeapAlloc
IsBadReadPtr
SetLastError
GetProcessHeap
HeapFree
VirtualFree
VirtualProtect
VirtualAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA
LocalFree
lstrlenA
UnhandledExceptionFilter
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
files-api.kL7x9hWhqte7JGeA0tTcbh.xml.xml
-
manifest.json
-
metadata.json
-
script.xml.xml
-
sysinfo.vwLjRDJj6K9i1OHQBEfXHg.xml.xml