b6e10c34fc41b0345605b1498085a497bb2f04add7a4eb12410a9699db061200[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

b6e10c34fc41b0345605b1498085a497bb2f04add7a4eb12410a9699db061200.zip.zip
Size

4.9MB
MD5

ec1eccc68a04b6996f29af06d661d380
SHA1

8799e409f5c3969e200ef25fde520e2ba45784f2
SHA256

daee3ccec870a9afa64d3d3cb6dfe54db51ae61cf8d54b10f762a7705d33abe9
SHA512

dc38034357a4997ad35e8cf714c1faaf2b0b9ca881f4e3b36b91b8221799adb485f911e344f8ab8c1b3e96db21cc802aba575a79d506a9ac10e94100f3325016
SSDEEP

98304:nuWve+H4KVFJ3Ghat1q7Pg7wgsgtZkCSxYxWCFiTw3dEvH0VuCil0II:nuWvzYiFRKaPq747wgs6dHxmTCCMIi3

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/HTS2.22-SnakeEdition.exe
unpack002/snake4hts32.dll

Files

b6e10c34fc41b0345605b1498085a497bb2f04add7a4eb12410a9699db061200.zip.zip
.zip

Password: infected
b6e10c34fc41b0345605b1498085a497bb2f04add7a4eb12410a9699db061200.zip
.zip
HTS2.22-SnakeEdition.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

HTS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
snake4hts32.dll
.dll windows:6 windows x86

8d7abcf37fc47d1d0345cfac9227b270

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EscapeCommFunction
PurgeComm
SetupComm
SetCommTimeouts
SetCommState
GetCommState
CreateFileW
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetLastError
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryExA
InitializeCriticalSection
Sleep
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
GlobalAlloc
GlobalFree
lstrlenW
WriteFile
ReadFile
CloseHandle
VerSetConditionMask
SetUnhandledExceptionFilter
VerifyVersionInfoW

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW

ftd2xx

ord2
ord8
ord7
ord27
ord80
ord71
ord70
ord17

Exports

Exports

snake_search

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 7.5MB - Virtual size: 7.5MB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 12B

HTS Size: 1KB - Virtual size: 1KB

8d7abcf37fc47d1d0345cfac9227b270

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

setupapi

ftd2xx

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 78KB

.data Size: 5KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 7.5MB - Virtual size: 7.5MB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 12B

HTS
Size: 1KB - Virtual size: 1KB

.text
Size: 79KB - Virtual size: 78KB

.data
Size: 5KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 4KB