7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.zip
Size

1.0MB
MD5

756bea8fe2aa028dd7de48678e539d02
SHA1

f4b89152168f5a6e757d5c5de73256acacdd4bc8
SHA256

2f820123306d5a8abcb799114e5f277986f67951d3c4e80637586f9158c12e18
SHA512

ee5ed80f662904ea00857e3b5b4b47a5904799f6ab5ddca7e8196d6cfc98d9ab2a7a681486692bba31c50d70eb02382073057b84e6674f685a7114479d8c8f40
SSDEEP

12288:J+OaxnZcZhDrRgYLjG85hgUszme+Ug6lXNwTGz0oEp04sAybOxnw/ZD8fVSzUHvy:Dh5LPq0eHg63wKvQsAdq8fEzazra6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.dll

Files

7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.zip
.zip

Password: infected
7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.dll
.dll windows:5 windows x86 arch:x86

Password: infected

c9ec03d1eaad4e1692358ca05ade2cf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc

secur32

InitializeSecurityContextW

kernel32

lstrcmpiA
DeleteFiber
GetOverlappedResult
ExitProcess
FindFirstVolumeW
GetConsoleCP
GetSystemPowerStatus
GetProcessHeap
GetSystemDefaultUILanguage
GetThreadLocale
EnumTimeFormatsA
DeleteFileA
GetCurrentConsoleFont
GetModuleHandleA
OutputDebugStringA
LoadLibraryExW
GetModuleFileNameA
GetBinaryTypeA
WaitForSingleObjectEx
GetBinaryTypeW
GetLogicalDriveStringsW
GetConsoleMode
VirtualProtectEx

winspool.drv

DeletePrinterDriverExW

msvcrt

mbtowc
fgetws
fputws
fwrite

oleaut32

LoadRegTypeLi

advapi32

DeleteAce
GetFileSecurityW

gdi32

GetTextExtentPointA
GetOutlineTextMetricsA
GetCharWidthA
ExcludeClipRect

shell32

ExtractIconExA

user32

GetMenuItemInfoA
GetClipboardSequenceNumber
GetClipboardFormatNameA
DrawStateA
IsWindowVisible
GetRawInputDeviceInfoW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 916KB - Virtual size: 914KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

c9ec03d1eaad4e1692358ca05ade2cf2

Headers

DLL Characteristics

File Characteristics

Imports

winmm

secur32

kernel32

winspool.drv

msvcrt

oleaut32

advapi32

gdi32

shell32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 916KB - Virtual size: 914KB

.data Size: 228KB - Virtual size: 227KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 72KB - Virtual size: 70KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 916KB - Virtual size: 914KB

.data
Size: 228KB - Virtual size: 227KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 72KB - Virtual size: 70KB