14acc51ffe02b0a5379f05f0b85221dbd340b9e16effea98df5a445ba47b45c6[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

14acc51ffe02b0a5379f05f0b85221dbd340b9e16effea98df5a445ba47b45c6.zip.zip
Size

474KB
MD5

131b3fe2149b43ab941aed02aa4cc707
SHA1

776e4f20a96234000c7308c3af8350995aca778a
SHA256

60dc13c616aafd2fa20efca1d384441cf459507a7abd0ade5b9a8e68e734a805
SHA512

c3c7d696ccf65b572a5d20e17e84f060c715e7e68e0becfcdb6bbefa53a30e11c10df4273c0588cc3c3a305ba6009e50a1e13930118747944bc7a95a7264080d
SSDEEP

12288:vR+pdBf+zGlgbvddTOD4YKWD3+gELftQvtfojwwEmF:s50j9WGwfoj7hF

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack004/MP4M.exe
unpack004/uninstall.exe

Files

14acc51ffe02b0a5379f05f0b85221dbd340b9e16effea98df5a445ba47b45c6.zip.zip
.zip

Password: infected
14acc51ffe02b0a5379f05f0b85221dbd340b9e16effea98df5a445ba47b45c6.zip
.zip
motcvt.zip
.zip
MOTCVT.EXE
MOTCVT.PAS
in_txt.txt
mel.inc
mp4m.zip
.zip
History.txt
MP4M.GID
MP4M.HLP
MP4M.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 204KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MP4M.ini
MP4M.mbf
.ps1
Motorola.ico
elka.mpm
notes.wav
read.me
uninstall.exe
.exe windows:4 windows x86

a47f548ea6f647eb3e32bd3d7b6d1206

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileSize
VirtualFree
CreateFileA
ReadFile
GetCommandLineA
ResumeThread
SetThreadPriority
CreateProcessA
CloseHandle
WriteFile
OpenMutexA
FindClose
FindFirstFileA
LoadLibraryA
WaitForSingleObject
lstrcatA
Sleep
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileStringA
VirtualAlloc
DeleteFileA
SetFileAttributesA
FindNextFileA
RemoveDirectoryA
SetCurrentDirectoryA
CopyFileA
SetFilePointer
GetWindowsDirectoryA
GetCurrentDirectoryA
CompareStringA
GetModuleFileNameA
InterlockedIncrement
GetModuleHandleA
GetFileAttributesA
lstrcpyA
SetErrorMode
LoadLibraryExA
GetLastError
GetProcAddress
lstrlenA
FreeLibrary
GetShortPathNameA
GetTempPathA

user32

GetDlgItem
SetWindowTextA
SetClassLongA
LoadIconA
GetWindowLongA
SendMessageA
ShowWindow
EndDialog
DialogBoxParamA
SetWindowPos
GetWindowRect
SetDlgItemTextA
PostMessageA
SendDlgItemMessageA
FindWindowA
EnumWindows
GetWindowTextA
wvsprintfA
MessageBoxA
wsprintfA
EnableWindow

gdi32

RemoveFontResourceA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA

shell32

SHChangeNotify

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.ini
zvonok.zip
.zip
8515def.inc
mel.inc
zvonok.asm
zvonok.eep
zvonok.hex

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

CODE Size: 204KB - Virtual size: 496KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 32KB

.rsrc Size: 26KB - Virtual size: 80KB

.aspack Size: 6KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

a47f548ea6f647eb3e32bd3d7b6d1206

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 4B

.data Size: 1024B - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 2KB

.Shared Size: 512B - Virtual size: 4B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

CODE
Size: 204KB - Virtual size: 496KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 32KB

.rsrc
Size: 26KB - Virtual size: 80KB

.aspack
Size: 6KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 4B

.data
Size: 1024B - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 2KB

.Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB