7be72311ca90b652836de384d71ebc75ba9e8c3fcd8424e7c833266d68871424[.]zip

General

Target

7be72311ca90b652836de384d71ebc75ba9e8c3fcd8424e7c833266d68871424.zip
Size

80KB
MD5

30d57a3843448d68b0b1715a6d299a63
SHA1

3c0d46356b870f8b32368f8faca4cf41f83a4fa2
SHA256

f15b74129486b3e4f15eadfa5e0dec18a278b1f5307b0721c77bf4da4342a966
SHA512

335b1a2fabade8087a6abe6fb817cff13f6a84b4f81dda5e21eb25551ac1598c1288c43005d48e7ab54b18b7b442be2bafe1a973375e81eebab7d23c6aaf02d5
SSDEEP

1536:NbIv/wcOD1G2Krczh7CzSuEkfmzcTJWNC6Y01i:NbIvocOD1GdyUEkfmgJWNli

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7be72311ca90b652836de384d71ebc75ba9e8c3fcd8424e7c833266d68871424

7be72311ca90b652836de384d71ebc75ba9e8c3fcd8424e7c833266d68871424.zip
.zip

Password: infected
7be72311ca90b652836de384d71ebc75ba9e8c3fcd8424e7c833266d68871424
.exe windows:5 windows x86

45b3bc45f71f6d9e40582b43454bd6fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
TlsGetValue
VirtualAlloc
DeleteFileW
GetModuleHandleW
CreateEventA
SetSystemTime
GetCurrentDirectoryA
CreateMailslotA
LoadLibraryA
SleepEx
GetCurrentThread
OpenJobObjectA
GetShortPathNameA
MoveFileExW
WaitForSingleObject
OpenEventW
TerminateProcess
CreateFileA
RemoveDirectoryW

comsvcs

RecycleSurrogate
SafeRef
CoCreateActivity

ctl3d32

Ctl3dEnabled
Ctl3dCtlColor
Ctl3dUnregister
Ctl3dGetVer

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

udata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ldata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_MEM_READ

.relc
Size: 11.9MB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE