54fcfbf975b4e712634ad0e196242bbec304029d3ce0ae2a6a660e27d1e64def[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

54fcfbf975b4e712634ad0e196242bbec304029d3ce0ae2a6a660e27d1e64def.zip
Size

398KB
MD5

e8d31fbf6ffac3ce9814891f82102eb8
SHA1

49b79198fcd680ccfc6da341b9418a2f3fe398e7
SHA256

6616f01b50aa46117f30c9e1907097975de97f5e10e33e567de8e5987a7c4a16
SHA512

8a59dfbe8044a80b965c2d6ee18e527013e4f17dbe5379e50e7b8bf557094621becfdc2c49e54cd849d8e347c03ccb56a037c015acab60fad9371d8f4f3ebf4e
SSDEEP

12288:HvinRcX1/0ElqxC/KYUemxthbyDoHdLTsU:HviR08m3UHhVHRsU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/54fcfbf975b4e712634ad0e196242bbec304029d3ce0ae2a6a660e27d1e64def.exe

Files

54fcfbf975b4e712634ad0e196242bbec304029d3ce0ae2a6a660e27d1e64def.zip
.zip

Password: infected
54fcfbf975b4e712634ad0e196242bbec304029d3ce0ae2a6a660e27d1e64def.exe
.exe windows x86

Password: infected

5cf47a8f664cb90aa3fcea1e4a53d769

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
SetStdHandle
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
LocalFree
GetLocaleInfoEx
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetStdHandle
WriteFile
ExitProcess
GetCommandLineA
GetCommandLineW
GetCurrentThread
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
HeapSize
HeapQueryInformation
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW

Sections

.textbss
Size: - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 551B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

5cf47a8f664cb90aa3fcea1e4a53d769

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.textbss Size: - Virtual size: 573KB

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 219KB - Virtual size: 218KB

.data Size: 8KB - Virtual size: 15KB

.idata Size: 3KB - Virtual size: 3KB

.msvcjmc Size: 1024B - Virtual size: 551B

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 39KB - Virtual size: 38KB

.textbss
Size: - Virtual size: 573KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 219KB - Virtual size: 218KB

.data
Size: 8KB - Virtual size: 15KB

.idata
Size: 3KB - Virtual size: 3KB

.msvcjmc
Size: 1024B - Virtual size: 551B

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 39KB - Virtual size: 38KB