Overview

overview

10

Static

static

3

virus.zip

windows10-2004-x64

1

virus/300050311.bat

windows10-2004-x64

10

virus/bat_...ce.msi

windows10-2004-x64

6

virus/bat_...e1.exe

windows10-2004-x64

1

virus/bat_...e5.exe

windows10-2004-x64

1

virus/bat_...e6.exe

windows10-2004-x64

1

virus/exe_...l2.dll

windows10-2004-x64

1

virus/exe_...l2.dll

windows10-2004-x64

1

virus/exe_..._30006

windows10-2004-x64

3

virus/exe_..._30001

windows10-2004-x64

3

virus/exe_..._30000

windows10-2004-x64

3

virus/exe_..._30005

windows10-2004-x64

3

virus/exe_...001_xn

windows10-2004-x64

3

virus/exe_..._30000

windows10-2004-x64

3

virus/exe_...000_re

windows10-2004-x64

3

virus/exe_..._30005

windows10-2004-x64

3

virus/ftp.txt

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    virus.zip

  • Size

    5.2MB

  • MD5

    df0853f5b6924e5fc20cfa9251e0fa8b

  • SHA1

    eb500234ade859744fe9edb1bc37ffdee2aa804a

  • SHA256

    c96487b01c7e482f79cde8f089f476860069f9ffc0c5ea6a352ca14cea86f744

  • SHA512

    c617681d2c74860dde65e422b9e8fd5ac456298a1823d0f068895421e8773eb02f1ca30eee224b442b8fa55bee848ee7bd91b7c419d0f59fab9f1c8b1f5dcf61

  • SSDEEP

    98304:VC3a9iOtrYHmNMySOcajotXMJlbBupfzb0umBhAqlm1xLnqSIW6LgSkn6zz/5wE1:VCiY2frQMXyfJc0LnjIW6Lgqqy

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • virus.zip
    .zip

    Password: infected

  • virus/300050311.bat
    .bat .vbs
  • virus/bat_download/abce.msi
    .msi
  • virus/bat_download/abce1.exe
    .exe windows:5 windows x86 arch:x86

    Password: infected

    78f576ae2e371c85695566fd666150ef


    Headers

    Imports

    Sections

  • virus/bat_download/abce5.exe
    .exe windows:5 windows x86 arch:x86

    Password: infected

    cecf524de24b9232612e5634721105ee


    Headers

    Imports

    Sections

  • virus/bat_download/abce6.exe
    .exe windows:5 windows x86 arch:x86

    Password: infected

    cecf524de24b9232612e5634721105ee


    Headers

    Imports

    Sections

  • virus/exe_download/libxml2.dll
    .dll windows:5 windows x86 arch:x86

    Password: infected

    c243e351eee98b7d5d873b899641c3cb


    Headers

    Imports

    Exports

    Sections

  • virus/exe_download/libxml2.dll2
    .dll windows:5 windows x86 arch:x86

    Password: infected

    ae1990764c227ffa09a0c60c1386a546


    Headers

    Imports

    Exports

    Sections

  • virus/exe_download/sl_154.91.228.20_30006
  • virus/exe_download/sl_211.101.235.144_30001
  • virus/exe_download/sl_38.47.239.5_30000
  • virus/exe_download/sl_43.128.5.55_30005
  • virus/exe_download/win.dat_211.101.235.144_30001_xn
  • virus/exe_download/win.dat_38.47.239.5_30000
  • virus/exe_download/win.dat_38.47.239.5_30000_re
  • virus/exe_download/win.dat_43.128.5.55_30005
  • virus/ftp.txt