New Compressed (zipped) Folder[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

New Compressed (zipped) Folder.zip
Size

5.8MB
MD5

42b54c67c71e40520ada7da5edbd2cee
SHA1

9e9aa7b88e7315ca68ddf7552066e6feda0aa03f
SHA256

3caabcb2d4a171144663ecbbe91e0cceebb5cb2c846bda2a79dcad12a82871c8
SHA512

28df67a4f8044c08a7b577b743777c3867b1cb0449bae93001d9556aea402a99178d1a22a68335dbb119c76c477d031df8aef8d2ea2534b347a67b05699efde4
SSDEEP

98304:dSxL6uXCllmDers+Z1gmGbauo/wQWxsn/Tj6J/Fw8P4thTNXWjCSL:RUSj1gm5wEn/TOlLwthZXO

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/69eaf744102b7436487030f27fe72f0a3c6fb23252fd6806356f5ef55f58d993.exe
unpack001/7fe19185d338c2ea659f8e908b06c2e8e96942553bcddd4bd09db295aac6429d.exe
unpack001/8d5d5bbdccb82a10ac28e2779ba0821f12da3e1f08f03ec467ce213a6fccf38c.exe
unpack001/control.cpl

Files

New Compressed (zipped) Folder.zip
.zip
1737dadd681bc18087bf58f502692e32ad65db587ea6b1ad06eb1e682ed5ef9d.xls
.xls windows office2003
2f87507363a16dd66c722a14332fa4e7e4da67df19fc05d3dcbbdb09ad993003.doc
.doc windows office2003
69eaf744102b7436487030f27fe72f0a3c6fb23252fd6806356f5ef55f58d993.exe
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 939KB - Virtual size: 939KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 359KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6f8c8753ddbc6fa36698b4170467e18bf3995ba38a2393ea667b7897ad4fb041.msi
.msi
7fe19185d338c2ea659f8e908b06c2e8e96942553bcddd4bd09db295aac6429d.exe
.exe windows:4 windows x86

5e146bf6c1ef160162ed271c0ddde908

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateWaitableTimerW
CreateWaitableTimerA
WinExec
ExitProcess

user32

CharNextA
CharNextExA
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem

shell32

Control_RunDLL

Sections

.text
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
8b1d31df21816deb28e37e47c5d53d340a117f19f0a57c4974c67b376578efa0.html
.js
8d5d5bbdccb82a10ac28e2779ba0821f12da3e1f08f03ec467ce213a6fccf38c.exe
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 961KB - Virtual size: 960KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a69d82c86bcd2114f31f89426bb3df557016e25097998d450ad8a99222a459a2.xlsx
.xlsx office2007
control.cpl
.dll windows:6 windows x64

189f872834dcab34bf4f8dd84616e152

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
CloseHandle
lstrcpyW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlCaptureContext

msi

ord141

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_configure_narrow_argv

Exports

Exports

CPlApplet

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
eb5ab701f0787934a80d4a7d4a88c0744e583880763f145d2f55ae5adf26de7a.msi
.msi
f8cdd7261455c2df521aa36428aa224d4d0318e380569430edd8072eb891b957.xlsx
.xlsx office2007

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 939KB - Virtual size: 939KB

.data Size: 119KB - Virtual size: 119KB

.rdata Size: 3.6MB - Virtual size: 3.6MB

.pdata Size: 3KB - Virtual size: 3KB

.xdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 359KB

.edata Size: 512B - Virtual size: 78B

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 112B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 366KB - Virtual size: 365KB

.reloc Size: 17KB - Virtual size: 16KB

5e146bf6c1ef160162ed271c0ddde908

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 512B - Virtual size: 400B

.data Size: 1024B - Virtual size: 516B

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 961KB - Virtual size: 960KB

.rsrc Size: 1024B - Virtual size: 922B

.reloc Size: 512B - Virtual size: 12B

189f872834dcab34bf4f8dd84616e152

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msi

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 468B

.rsrc Size: 188KB - Virtual size: 187KB

.reloc Size: 512B - Virtual size: 44B

.text
Size: 939KB - Virtual size: 939KB

.data
Size: 119KB - Virtual size: 119KB

.rdata
Size: 3.6MB - Virtual size: 3.6MB

.pdata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 359KB

.edata
Size: 512B - Virtual size: 78B

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 366KB - Virtual size: 365KB

.reloc
Size: 17KB - Virtual size: 16KB

.text
Size: 512B - Virtual size: 400B

.data
Size: 1024B - Virtual size: 516B

.text
Size: 961KB - Virtual size: 960KB

.rsrc
Size: 1024B - Virtual size: 922B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 468B

.rsrc
Size: 188KB - Virtual size: 187KB

.reloc
Size: 512B - Virtual size: 44B