2bb7d4d756699065d91957dac407d2af4cab7cdc343ab903cf1919625749b9a9[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

2bb7d4d756699065d91957dac407d2af4cab7cdc343ab903cf1919625749b9a9.zip
Size

855KB
MD5

d0474191e00e524917c37f70a31f36a7
SHA1

283e940ea863baf4d35314e9e1e199cc092b0379
SHA256

1f6cfc7fa71c7e40cc9f2cca69a032303b9232a49bbec378e8c7689e929ae02a
SHA512

05607e54b66295306404967f778340952c1e0195665f04596f096aebdc62542252ae32ad38f2e229df858081f99a1a2148cb96475a875eed4f9a0cf98ccd0473
SSDEEP

24576:l/e72A2B40gEKoVPJUWQUOH0WThkHo7IsrC:w7nSltURzH0WF9DrC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2bb7d4d756699065d91957dac407d2af4cab7cdc343ab903cf1919625749b9a9.dll

Files

2bb7d4d756699065d91957dac407d2af4cab7cdc343ab903cf1919625749b9a9.zip
.zip

Password: infected
2bb7d4d756699065d91957dac407d2af4cab7cdc343ab903cf1919625749b9a9.dll
.dll windows:5 windows x86

Password: infected

94bcc5b724063dcec05deb3baa7201e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
InterlockedCompareExchange
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep

Exports

Exports

@etVersionInfo
@ppu_Any_extraction_failure_msg
@ppu_unsatisfied_iquery_msg
@ppu_unsatisfied_iset_msg
@ypelib_setCacheSize
@ypelib_static_array_type_init
@ypelib_static_compound_type_init
@ypelib_static_enum_type_init
@ypelib_static_interface_type_init
@ypelib_static_mi_interface_type_init
@ypelib_static_sequence_type_init
@ypelib_static_struct_type_init
@ypelib_static_type_getByTypeClass
@ypelib_static_type_init
@ypelib_typedescription_acquire
@ypelib_typedescription_complete
@ypelib_typedescription_equals
@ypelib_typedescription_getByName
@ypelib_typedescription_isAssignableFrom
@ypelib_typedescription_new
@ypelib_typedescription_newArray
@ypelib_typedescription_newEnum
@ypelib_typedescription_newExtendedInterfaceAttribute
@ypelib_typedescription_newInterface
@ypelib_typedescription_newInterfaceAttribute
@ypelib_typedescription_newInterfaceMethod
@ypelib_typedescription_newMIInterface
@ypelib_typedescription_newStruct
@ypelib_typedescription_newUnion
@ypelib_typedescription_register
@ypelib_typedescription_registerCallback
@ypelib_typedescription_release
@ypelib_typedescription_revokeCallback
@ypelib_typedescriptionreference_acquire
@ypelib_typedescriptionreference_assign
@ypelib_typedescriptionreference_equals
@ypelib_typedescriptionreference_getDescription
@ypelib_typedescriptionreference_isAssignableFrom
@ypelib_typedescriptionreference_new
@ypelib_typedescriptionreference_newByAsciiName
@ypelib_typedescriptionreference_release
@no_EnvDcp_getPurpose
@no_EnvDcp_getTypeName
@no_Environment_enter
@no_Environment_invoke
@no_Environment_invoke_v
@no_Environment_isValid
@no_any_assign
@no_any_clear
@no_any_construct
@no_any_constructAndConvert
@no_any_destruct
@no_assignData
@no_bindIdToCurrentThread
@no_constructData
@no_copyAndConvertData
@no_copyData
@no_createEnvironment
@no_destructData
@no_dumpEnvironment
@no_dumpEnvironmentByName
@no_equalData
@no_getCurrentContext
@no_getCurrentEnvironment
@no_getEnvironment
@no_getIdOfCurrentThread
@no_getMapping
@no_getMappingByName
@no_getRegisteredEnvironments
@no_registerMapping
@no_registerMappingCallback
@no_releaseIdFromCurrentThread
@no_revokeMapping
@no_revokeMappingCallback
@no_sequence_assign
@no_sequence_construct
@no_sequence_realloc
@no_sequence_reference2One
@no_setCurrentContext
@no_threadpool_attach
@no_threadpool_create
@no_threadpool_destroy
@no_threadpool_detach
@no_threadpool_dispose
@no_threadpool_enter
@no_threadpool_putJob
@no_type_any_assign
@no_type_any_construct
@no_type_any_constructAndConvert
@no_type_assignData
@no_type_constructData
@no_type_copyAndConvertData
@no_type_copyData
@no_type_destructData
@no_type_equalData
@no_type_isAssignableFromData
@no_type_sequence_assign
@no_type_sequence_construct
@no_type_sequence_realloc
Crash

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

94bcc5b724063dcec05deb3baa7201e6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 780KB - Virtual size: 779KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 780KB - Virtual size: 779KB

.reloc
Size: 9KB - Virtual size: 9KB