0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802[.]zip

General

Target

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
Size

561KB
MD5

57fbc04724194ea91fce3096f1accfd4
SHA1

d8dbb93006f7a474ecdda0f25e7e6e98fcf7dd85
SHA256

ad6c89804691fc852170b0ab2e2e8eb94a9b1f8f5cbb0d7df1aa86623307702e
SHA512

88546ed6524b74ce3ed1e847a197c9828b1d7ebb3db352360b69fc9bbf7f5b21b4a0b75a1c5d1b871ca2034eb1928a90c80e79e2a5ae96fc91c731e83450248f
SSDEEP

12288:ZpQ6PU7UyCBQqcVv/JPpzsrFKPKiuYJb4AM/Ncs7lnkAIZNjH3:ZWsUD+QqcVvhPpz2KPKG4vkAIZNjH3

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
.zip

Password: infected
0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: infected

fd5af0ab7a5a3177d30a084a47566c4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlComputeCrc32

kernel32

GetCommandLineW
lstrcpyW

shell32

CommandLineToArgvW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data2
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ