E876CAB250EB2B0AAB976FF9922A3945E2B4724166B0EFB64690B46FE470CD3C[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

E876CAB250EB2B0AAB976FF9922A3945E2B4724166B0EFB64690B46FE470CD3C.zip
Size

276KB
MD5

a873feea28ae8ae53d7f3559aac6fe8b
SHA1

fab6b0eb8e28a0adaa9de61eb11d578d3e93d43e
SHA256

8c95919bcd63af7020e9e80269a4fc1181d904773087ba1b29223ae6b8d0caf0
SHA512

08deffaba90edd665bc29030cdb9b9edff6df5f4f8b6c134005ad952b5eb8d368b09d3bd8ce4f197fd29d3a9bb36de11388691d5421fe5d2ecbf6987ef84a35a
SSDEEP

6144:yveefbwKaqLYDSNE+jCavHYPjb841Uyi/Dwag8FI:yveefbQSNZj7HWbteF/8H8G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/E876CAB250EB2B0AAB976FF9922A3945E2B4724166B0EFB64690B46FE470CD3C

Files

E876CAB250EB2B0AAB976FF9922A3945E2B4724166B0EFB64690B46FE470CD3C.zip
.zip

Password: infected
E876CAB250EB2B0AAB976FF9922A3945E2B4724166B0EFB64690B46FE470CD3C
.dll windows x86

72d1bfee97be4b38dd210f2f3a581d01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharPrevExA
CharPrevA
CharNextA
CharLowerW
CharLowerA
CharUpperW
CharUpperA

oleaut32

SysFreeString
SysAllocStringByteLen
VariantCopy
VariantClear
SysAllocString

msvcrt

_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
memset
strcmp
memcmp
_purecall
memcpy
memmove
__CxxFrameHandler
free
_CxxThrowException
malloc

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
SetEvent
CreateEventA
WaitForSingleObject
VirtualFree
VirtualAlloc
FileTimeToDosDateTime
FileTimeToLocalFileTime
SystemTimeToFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
DeleteCriticalSection
GetVersionExA
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
GetProcAddress
GetSystemInfo
CompareFileTime
WriteFile
ReadFile
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CloseHandle
SetFileAttributesA
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

72d1bfee97be4b38dd210f2f3a581d01

Headers

File Characteristics

Imports

user32

oleaut32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 436KB - Virtual size: 435KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 62KB - Virtual size: 61KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 436KB - Virtual size: 435KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 62KB - Virtual size: 61KB

.reloc
Size: 21KB - Virtual size: 21KB