Static task: static1
Behavioral task: behavioral1
Sample: nglbot.exe
Resource: win10v2004-20230915-en
General
Target: 11881767264.zip
Size: 21.2MB
MD5: 331cffb3fca225ade25acaf93891c1ab
SHA1: 49398fb7a997033658cc973d1cfa513d2951369c
SHA256: a79e4abd29e0cb1735f6499873b8074ebb7d4ced4ada139de813cb8b7e354f38
SHA512: d74093c50da9c2f766e678d5ab158b77a0d6e34d9ea5d344e61927f6f31c5225b197062301d39e3ab9ed17cd3cba7d70f8a371a17316da22947882c1f633641a
SSDEEP: 393216:Dmn6lCdh1i2KMKslfeaRin7tLTzn4qzzDFvlwT9bRFN6E1wuwN7bHXuPENl088tM:xCA2KMVlfea8nZz4Gz5vlwB9auwtHgCL
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: unpack002/nglbot.exe
Files
11881767264.zip.zip (Password: infected)
caf4dfc4a31f549cc56e031394ddce26c9f277262c9a744ba2b56abead8652f7.zip
11.txt
IP.txt
Ips.txt
Key.txt
Result/ .txt
Result/''.txt
Result/1and1.txt
Result/Global.txt
Result/NEXMO.txt
Result/ONESIGNAL.txt
Result/SMTP_RANDOM.txt
Result/STRIPE_KEY.txt
Result/TOKBOX.txt
Result/ams3.txt
Result/ap-northeast-1.txt
Result/ap-northeast-2.txt
Result/ap-south-1.txt
Result/ap-southeast-1 .txt
Result/ap-southeast-1.txt
Result/ap-southeast-2.txt
Result/aws_secret_key.txt
Result/ca-central-1.txt
Result/cn-north-1.txt
Result/eu-central-1.txt
Result/eu-west-1.txt
Result/eu-west-2.txt
Result/eu-west-3.txt
Result/kasserver.txt
Result/mailgun.txt
Result/mandrill.txt
Result/office365.txt
Result/ru-central1.txt
Result/sa-east-1.txt
Result/sendgrid.txt
Result/sendinblue.txt
Result/ses_key.txt
Result/smtp-relay.txt
Result/smtp_aws_ses.txt
Result/sparkpostmail.txt
Result/twillio.txt
Result/us-east-1 .txt
Result/us-east-1.txt
Result/us-east-2.txt
Result/us-west-1.txt
Result/us-west-2.txt
Result/valid_nexmo.txt
Result/zoho.txt
ipsq.txt
list.txt
nglbot.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
  DLL Characteristics:
    IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
    IMAGE_DLLCHARACTERISTICS_NX_COMPAT
    IMAGE_DLLCHARACTERISTICS_NO_SEH
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
  File Characteristics:
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_32BIT_MACHINE
Imports
  mscoree: _CorExeMain
Sections
  .text (Size: 16KB, Virtual size: 12KB)
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rsrc (Size: 32KB, Virtual size: 29KB)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .reloc (Size: 4KB, Virtual size: 12B)
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ
path.ini
sendto.ini
settings.ini
xz.txt