16388B5B91B7D67A0272CAB80877404E338E9511F86E30DA52453B271AFB1095[.]zip

General

Target

16388B5B91B7D67A0272CAB80877404E338E9511F86E30DA52453B271AFB1095.zip
Size

157KB
MD5

91268a9fa0d4c2838d7bd3c5e037a4d7
SHA1

6c34dfa512e7bf96018ee2f6f48b3b568331613a
SHA256

e4ecd526498dcf0d4c09afede4698d318730678cf07cdd7b755c467f6a690ee0
SHA512

08645de285fef6a2ee615147d6e75cfe4fb286edadb4a1d0a54837a058ac68864bdf5c3eddb21497eb469932789d91b5a1c09e21d7752f0d9b338e7310df8114
SSDEEP

3072:QFSTCWSt44Cupbw0/FsFFSXh7tb3wIAxjP3H4UsQ6a3zaCtJQKnXo:SR5Cut5/F+Fm7tb3QjmiPTY

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/16388B5B91B7D67A0272CAB80877404E338E9511F86E30DA52453B271AFB1095

16388B5B91B7D67A0272CAB80877404E338E9511F86E30DA52453B271AFB1095.zip
.zip

Password: infected
16388B5B91B7D67A0272CAB80877404E338E9511F86E30DA52453B271AFB1095
.dll windows:5 windows x64 arch:x64

8d25c618d0779a89595e4da8805ff35d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt

kernel32

DecodePointer
LoadLibraryA
GetLastError
FreeLibrary
GetProcAddress
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
EncodePointer
RaiseException
Sleep

Exports

Exports

contgest_crea_datos_autor

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ