7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.zip
Size

1.0MB
MD5

90f02ab7f2e0e83e57e7e165caed1437
SHA1

9fb151851d31adf0bbddedfe0d622418df2e60ef
SHA256

dfaa9c578c036ccc1a8f332a083ef62deec5d4dd42c56f43b0b6ad4fb9071dfd
SHA512

111c865fbc367b8aac201a25126ee3c51c4d067a5ae867e65ddadacf755f267ca73de384381f4900d83ffd44d0dee0342669b3cae364f193398334383dffc761
SSDEEP

24576:X5PIIafphotB4BMxrzcRaZQMtGsGS1vgSfil/SGb/QRwe:XuXXatkHUgkiRSGkRwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.dll

Files

7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.zip
.zip

Password: infected
7502affbbb6086a020fe2ffe7b079e7ccf8e7fb11d48960561826054b2e0c1fe.dll
.dll windows:5 windows x86 arch:x86

Password: infected

c9ec03d1eaad4e1692358ca05ade2cf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

DefDriverProc

secur32

InitializeSecurityContextW

kernel32

lstrcmpiA
DeleteFiber
GetOverlappedResult
ExitProcess
FindFirstVolumeW
GetConsoleCP
GetSystemPowerStatus
GetProcessHeap
GetSystemDefaultUILanguage
GetThreadLocale
EnumTimeFormatsA
DeleteFileA
GetCurrentConsoleFont
GetModuleHandleA
OutputDebugStringA
LoadLibraryExW
GetModuleFileNameA
GetBinaryTypeA
WaitForSingleObjectEx
GetBinaryTypeW
GetLogicalDriveStringsW
GetConsoleMode
VirtualProtectEx

winspool.drv

DeletePrinterDriverExW

msvcrt

mbtowc
fgetws
fputws
fwrite

oleaut32

LoadRegTypeLi

advapi32

DeleteAce
GetFileSecurityW

gdi32

GetTextExtentPointA
GetOutlineTextMetricsA
GetCharWidthA
ExcludeClipRect

shell32

ExtractIconExA

user32

GetMenuItemInfoA
GetClipboardSequenceNumber
GetClipboardFormatNameA
DrawStateA
IsWindowVisible
GetRawInputDeviceInfoW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 916KB - Virtual size: 914KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

c9ec03d1eaad4e1692358ca05ade2cf2

Headers

DLL Characteristics

File Characteristics

Imports

winmm

secur32

kernel32

winspool.drv

msvcrt

oleaut32

advapi32

gdi32

shell32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 916KB - Virtual size: 914KB

.data Size: 228KB - Virtual size: 227KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 72KB - Virtual size: 70KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 916KB - Virtual size: 914KB

.data
Size: 228KB - Virtual size: 227KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 72KB - Virtual size: 70KB