Static task
static1
Behavioral task
behavioral1
Sample
f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.exe
Resource
win10v2004-20230915-en
General
Target: f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.EXE.zip
Size: 82KB
MD5: 2f1e138be642d6f4fb9788b1b0c59dc3
SHA1: 05f03c821b49f10468ef894f8d4ce3aa26c16a9a
SHA256: aebd95783526fb624f577278f48f075374e0764f7353b83ffa0ef2b267ce5726
SHA512: a4be3ae1422e1441f9121df493e7e821d3f93602e7c5a90ef5aeafc1901f657b43bf76f5812b5d2f4d8bd278d296fa23d8316392d42a2c11bfbd1880ec365691
SSDEEP: 1536:vXSqMKA+oW/zbOgZ53K5uC6fFyiCoXZkExVqKkIlHoguds5ZSA/B25OV:63+BHdmkyiCkLqKJtuds5hBJV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.EXE
Files
f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.EXE.zip.zip
Password: infected
f17341f78a25a720e8accad90d560733328cfd22a18365960e2c3e0a7ff03411.EXE.exe windows x86
780e20e7797ac5addcbd32abd3d64b26
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
wsock32
accept
bind
listen
WSACleanup
closesocket
ioctlsocket
socket
setsockopt
htons
connect
getsockname
gethostbyname
inet_addr
send
WSAAsyncSelect
recv
inet_ntoa
WSAGetLastError
WSAStartup
kernel32
HeapSize
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FlushFileBuffers
GetOEMCP
GetACP
RtlUnwind
GetStringTypeW
GetStringTypeA
GetLastError
ReadFile
CloseHandle
GetFileSize
CreateFileA
Sleep
GetExitCodeProcess
CreateProcessA
GetStdHandle
GetTempFileNameA
CopyFileA
DeleteFileA
MoveFileA
FindClose
FindNextFileA
CompareStringA
WriteFile
GetFileAttributesA
GetCPInfo
GetLocaleInfoA
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentDirectoryA
GetFullPathNameA
SetEndOfFile
SetStdHandle
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcAddress
ExitProcess
SetFilePointer
SetHandleCount
TlsAlloc
GetCurrentThreadId
SetLastError
TlsFree
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
VirtualQuery
CompareStringW
FindFirstFileA
GetSystemInfo
VirtualProtect
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
GetFileType
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTimeZoneInformation
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
SetEnvironmentVariableA
user32
LoadCursorA
RegisterClassExA
CreateWindowExA
UpdateWindow
GetMessageA
PostQuitMessage
ShowWindow
SetActiveWindow
DefWindowProcA
DialogBoxParamA
CreateDialogParamA
GetDesktopWindow
GetWindowRect
MoveWindow
SetForegroundWindow
InvalidateRect
DestroyWindow
MessageBoxA
SendMessageA
IsWindow
IsDlgButtonChecked
EndDialog
SetWindowTextA
EnableWindow
CheckRadioButton
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
gdi32
GetStockObject
lz32
LZOpenFileA
LZCopy
LZClose
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ