Static task
static1
Behavioral task
behavioral1
Sample
d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6.exe
Resource
win10v2004-20231222-en
General
Target
d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6.zip
Size
185KB
MD5
7c05c9473f60142ec6e0e42a684e750b
SHA1
1ae66b2f9ba8fef505c7c023b203289e6082d5d4
SHA256
55a9986041f79432b6076c88e50deb19a71baf468453f75a203a11681d027247
SHA512
e7822ce5e72fb25060f82bfa7322a5a09e6c8034ed6f215692fcac50ac0205fcb552806fc57ac6ef152b806202d46248796ca214e2f8537d254b5f322d74e9e7
SSDEEP
3072:QJ8HfFWB8De1RVKQ8TDKxRxnRTmiPE2jJSuiz0VTinvvCpvWTTtUq3m7:QJ8HfFWiCL8D2rqi6uizSuHWMTt9i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6
Files
d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6.zip.zip
Password: threatbook
d9a21f5a7c8560ce9a1368943509f791b568d18c2abd329cbb095662a7642ed6.exe windows:5 windows x86 arch:x86
Password: threatbook
ce40e21b63b483c5ce91c6f4d304898b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
SetLastError
LocalUnlock
IsBadHugeWritePtr
RtlUnwind
RaiseException
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetProcAddress
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetLastError
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapFree
HeapAlloc
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
GetStringTypeW
LCMapStringW
CloseHandle
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileW
Sections
.text Size: 130KB - Virtual size: 130KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 496B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ