5913d5ca107011d98d038ce771d337d83e470cd14dc57e499fa159568fc01109[.]zip

General

Target

5913d5ca107011d98d038ce771d337d83e470cd14dc57e499fa159568fc01109.zip
Size

4.3MB
MD5

f6136f10bfb0400c84b45adb5390ccc9
SHA1

1b5a923efad52569e5bb6ca59a369d3edd341a6a
SHA256

07cf56d95040ffce3b7aacebe6127f9d187dca26dbe51a5e2f6084102507cc05
SHA512

aedfb70d1c089999ab9b62832397e2b53df2688af7bbad41fdbf506cade0628a55c3dba448e6e14c918180c4ca43ae8cc325bc7bd34702b60b38fd6437bbdc4a
SSDEEP

98304:Y96d27kLAuMGPVO8QawpFTdVJ7+ZjD8EOhSn3VL79ucFG4:Y96zLVLUtlp+atYF7hG4

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5913d5ca107011d98d038ce771d337d83e470cd14dc57e499fa159568fc01109

5913d5ca107011d98d038ce771d337d83e470cd14dc57e499fa159568fc01109.zip
.zip

Password: infected
5913d5ca107011d98d038ce771d337d83e470cd14dc57e499fa159568fc01109
.exe windows x86

c49803c1a7226571416b24ee13403a29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
ExitProcess
GetLastError
GetProcAddress
GetLocalTime
GetVersionExA
LoadLibraryA
ReadFile
SetFileAttributesA
Sleep
WriteFile

shlwapi

PathAppendA

shfolder

SHGetFolderPathA

Sections

pzqrfzad
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

olgbiyor
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wapmlucz
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gdawlftk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

avuiyozo
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE