66cd83b74646e3e742a7e7e414393a3bc3a380c819ea40723702e3fd2ffb37b6[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

66cd83b74646e3e742a7e7e414393a3bc3a380c819ea40723702e3fd2ffb37b6.zip
Size

1.2MB
MD5

d46c02a9af2d2ca2cda7b99b961d331c
SHA1

303b80cdbfae49aa8deed5444d660f4f749cb369
SHA256

3d3d1ca8c5fa1c88e7c98f8984b7a3a3ad75dafd7d59fd8d372997e309f35e44
SHA512

b93a7533dcc73de03ce000b26525e75e42d6e61069f33fc29d8a21e714bde14552ff3dfaeac549b08d7dbc17f3d20db9cba8f217f15590658042c7f1a7cf343a
SSDEEP

24576:kNh6BRxI6oK82qA6zR3bVuHJiW5kOLPmvDLcuGYi3Gxy56L9D6Jw1vh5J:kNhEiK4X5gHoW5kAmbSX3GXL9D621vh7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/66cd83b74646e3e742a7e7e414393a3bc3a380c819ea40723702e3fd2ffb37b6.bin

Files

66cd83b74646e3e742a7e7e414393a3bc3a380c819ea40723702e3fd2ffb37b6.zip
.zip

Password: malware
66cd83b74646e3e742a7e7e414393a3bc3a380c819ea40723702e3fd2ffb37b6.bin
.dll windows x86

Password: malware

475109ebf0658c9b1af8f6ef0d3f68ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallMsgFilterA
EndDeferWindowPos
GetCursorPos
GetProcessWindowStation
LoadAcceleratorsA
PaintDesktop
SetClipboardData

kernel32

CloseHandle
CopyFileExW
CreateMutexW
GetCommandLineW
GetSystemPowerStatus
IsBadHugeWritePtr
MapViewOfFile
OutputDebugStringW
lstrcmpiW

Exports

Exports

bkcwimorxp
mcpkujx
ulktsgj

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss1
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss3
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss4
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss5
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss6
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: malware

Password: malware

475109ebf0658c9b1af8f6ef0d3f68ed

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.idata Size: 1024B - Virtual size: 524B

.bss1 Size: - Virtual size: 4KB

.bss2 Size: - Virtual size: 4KB

.bss3 Size: - Virtual size: 4KB

.bss4 Size: - Virtual size: 4KB

.bss5 Size: - Virtual size: 4KB

.bss6 Size: - Virtual size: 4KB

.data Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 512B - Virtual size: 124B

.text
Size: 31KB - Virtual size: 31KB

.idata
Size: 1024B - Virtual size: 524B

.bss1
Size: - Virtual size: 4KB

.bss2
Size: - Virtual size: 4KB

.bss3
Size: - Virtual size: 4KB

.bss4
Size: - Virtual size: 4KB

.bss5
Size: - Virtual size: 4KB

.bss6
Size: - Virtual size: 4KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 512B - Virtual size: 124B