7def1c436798ede485c67013369085a927d47f797b9cab0b2b75ca457a8eddca[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

7def1c436798ede485c67013369085a927d47f797b9cab0b2b75ca457a8eddca.zip.zip
Size

692KB
MD5

55820cc0f285545cb6d3d123bf75f71e
SHA1

7dc775e6170bc408c26c15fd5956d73edf4e9675
SHA256

aa21a71e25929ed43f7dc80a9a8e21bcad5880881e363c638cd053f3b7fb0548
SHA512

60d02063dcc4946da0c8000f7d21eb6bc05b0ffa6d0a8bf0d8f1f944660b6ea7bf41083e52aba35da289982f858aa57bb6f982324c4c577ec03f1f65be18b610
SSDEEP

12288:yCd4RbjGSCNUtlzXR+LmYYM9WdgdhtumTd1F1Q1r9MzNz9NJ:ynjGSbTXoLmb6WKhtumkihRNJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Ultimate Windows Tweaker 4.6/ButtonExtended.dll
unpack002/Ultimate Windows Tweaker 4.6/Ultimate Windows Tweaker 4.6.exe

Files

7def1c436798ede485c67013369085a927d47f797b9cab0b2b75ca457a8eddca.zip.zip
.zip

Password: infected
7def1c436798ede485c67013369085a927d47f797b9cab0b2b75ca457a8eddca.zip
.zip
Ultimate Windows Tweaker 4.6/ButtonExtended.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ultimate Windows Tweaker 4.6/Read Me First.txt
Ultimate Windows Tweaker 4.6/UWT4 Home Page.URL
Ultimate Windows Tweaker 4.6/Ultimate Windows Tweaker 4.6.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

!.
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 14KB - Virtual size: 13KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

!. Size: 550KB - Virtual size: 550KB

.text Size: 356KB - Virtual size: 355KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 512B - Virtual size: 12B

Size: 512B - Virtual size: 16B

.text
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 12B

!.
Size: 550KB - Virtual size: 550KB

.text
Size: 356KB - Virtual size: 355KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 512B - Virtual size: 12B