0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802[.]zip

General

Target

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
Size

561KB
MD5

3204224501a9ee55101d7b3df20f7a81
SHA1

02fef82386e9857643ad29ed576c832ee8b7e4c4
SHA256

f7d76abcfef1a98709bae3c3eb1c55ac6b27ad0d4fdbaebe907eca8acd5b0d42
SHA512

fd9ce2b26abc48a88dbb7f14f1322c57fd5c154ab0d24648facb9121e764360ea7b656b4d71f4d9452879189bd98cdb05dc098d916c07eba41da48f91e523016
SSDEEP

12288:sp05WdcWP4CRJYOrkg9bxY4CYl7TESQtSKLf3OPlnZCrR:sp04cWHjrkg9bxnCYl7TECWfQlW

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll

0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.zip
.zip

Password: infected
0457768f9d8d70ff59275c27bc99d45c1c48cf1e932d29c3f2e9d5e037acd802.dll
.dll regsvr32 windows:6 windows x86 arch:x86

Password: infected

fd5af0ab7a5a3177d30a084a47566c4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlComputeCrc32

kernel32

GetCommandLineW
lstrcpyW

shell32

CommandLineToArgvW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data2
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ