out[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

out.zip
Size

37.4MB
MD5

3bcd2db69d12a8796a993bd67e4bc43c
SHA1

152105552e5dc7809b9ac22b52be1759609661cb
SHA256

727f1c338c1df7f9b888e7753b11d0b4f30f5a61c55b25b0025e67bfaa248f9b
SHA512

b51120c5145499e9148e003aa6879d53c697d68ac10da2dca69a2db35b36f315d109e4748f8b4a4729aee0f839332bfde96f6c4e9c95251fe02515f06c1a004e
SSDEEP

786432:9G9ctFDuNfPTLVkV7Vj3mAxQ9/J8x1J04svEohqQphds/2ARSYV:J3mVkrj3meQRJ8j/svdhq8mSYV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/大华夏·微端【打金】.exe

Files

out.zip
.zip
大华夏·微端【打金】.exe
.exe windows x86

88e9ba805693c0535a772c31c6feee57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

winmm

midiStreamOpen

ws2_32

WSAStartup

user32

WaitForInputIdle

gdi32

PtVisible

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

SHGetSpecialFolderPathA

ole32

StgCreateDocfileOnILockBytes

oleaut32

SafeArrayAccessData

comctl32

ord17

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 971KB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE