Overview

overview

10

Static

static

3

Document.lnk

windows7-x64

4

hey/superstring.dll

windows7-x64

10

hey/twelfth.bat

windows7-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    s.zip.zip

  • Size

    109KB

  • MD5

    f38428e8ba0c4d1c0c7a5d0cfa78c25c

  • SHA1

    3ad008936d12e4aab3cb8481ed6898d98f03ab97

  • SHA256

    fed94556d81622a39c4bfbaf39fa11dcab6a9b63fc487e037ccb1771f92ea894

  • SHA512

    b43a91ff8680bea849987a6969da41155f4ea3efc8d57d7592135a2c48b874203e8a21053d4607487e6a523d72926c5bca8c569951a3308802b3a743a4dd48d6

  • SSDEEP

    3072:7X21vskWriCiMb8UA0gRP8DuRCWxfGxOskz5PQokcQV0T:7X2Bsk28Y8UA08OuTxexOgL2T

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • s.zip.zip
    .zip

    Password: infected

  • s.zip
    .zip

    Password: infected

  • db7cd6d0f75ddf78e0e6e09119d9071df07b50ef3f5289d474921adba4f35047.iso
    .iso
  • Document.lnk
    .lnk
  • hey/superstring.dll
    .dll .js windows:6 windows x64 arch:x64 polyglot

    a52e5c67083c9a6469ce9283f8b67c82


    Headers

    Imports

    Exports

    Sections

  • hey/twelfth.bat