15712264540[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

15712264540.zip
Size

213KB
MD5

b7294757ab0f24bb093d578e9d1cdd74
SHA1

966c3e583a759a8361ffc7dbbcd85f741ab978d2
SHA256

2fca448c32b4d7c6ea481fe4809c6cfffa6db5b66a5215ef834cb07a6d924dde
SHA512

122a11d05a82f090ea72e4b82dcc370fe40c2f2f2c4a4e58fb770af85d4d503d2e00a37ceb4fde8f2391666d575d264a8beb8d9b084335f290701da279ee7f17
SSDEEP

6144:G3TVv8DZThxulekX2EydMOaQIXormMIErLJ7sKMBIYdIg:GDVUVTaljLOa7YaMIetzI5Ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b0b47bc9ecdb0db2e889dcec55bbb9fa2c546b9b63008e18414c16aeaee93e0f

Files

15712264540.zip
.zip

Password: infected
b0b47bc9ecdb0db2e889dcec55bbb9fa2c546b9b63008e18414c16aeaee93e0f
.exe windows:4 windows x86 arch:x86

Password: infected

7e117b642969118d9d6d4cddaf0826c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA

comctl32

ord14
ord15
ord17
ord13

comdlg32

ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

gdi32

SetBkMode
SetTextAlign
CreatePalette
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
TextOutA
SetBkColor
SetTextColor
Rectangle
CreateSolidBrush
GetStockObject
SelectObject
GetTextExtentExPointA
SetMapMode
GetDeviceCaps
SetPaletteEntries
CreateBitmap
RealizePalette
SelectPalette
UnrealizeObject
GetPixel
ExtTextOutA
CreatePen
LineTo
CreateCompatibleBitmap
TranslateCharsetInfo
GetTextMetricsA
CreateFontA
UpdateColors
ExcludeClipRect
IntersectClipRect
Polyline
MoveToEx
ExtTextOutW
SetPixel
GetCharWidthA
GetCharWidthW
GetCharWidth32W
GetCharWidth32A

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW

shell32

ShellExecuteA

user32

LoadIconA
SetScrollInfo
CreateCaret
LoadCursorA
DeleteMenu
InsertMenuA
SetCursor
PostQuitMessage
IsZoomed
GetKeyboardState
TrackPopupMenu
PostMessageA
EnableMenuItem
GetSystemMenu
DestroyCaret
GetMessageTime
ShowCursor
SetCaretPos
ToAsciiEx
SetKeyboardState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
FlashWindow
CheckMenuItem
DefDlgProcA
CreatePopupMenu
AppendMenuA
CreateMenu
GetMenuItemCount
GetKeyboardLayout
SetForegroundWindow
UpdateWindow
GetMessageA
SetTimer
KillTimer
IsWindow
DispatchMessageA
PeekMessageA
HideCaret
ShowCaret
WaitMessage
IsIconic
GetParent
GetWindowLongA
ReleaseCapture
GetDoubleClickTime
GetDesktopWindow
MoveWindow
CreateDialogParamA
EndDialog
EnableWindow
DialogBoxParamA
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
MessageBoxA
SetFocus
GetDlgItem
CheckDlgButton
CheckRadioButton
WinHelpA
RegisterWindowMessageA
DrawEdge
GetDlgItemTextA
SetDlgItemTextA
SetCapture
IsDlgButtonChecked
SendDlgItemMessageA
SetWindowLongA
MessageBeep
GetDC
ReleaseDC
MapDialogRect
GetCaretBlinkTime
DestroyWindow
BeginPaint
GetClientRect
GetWindowTextLengthA
GetWindowTextA
EndPaint
SetWindowPos
InvalidateRect
DefWindowProcA
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowTextA
SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
GetCursorPos
TranslateMessage
GetSystemMetrics
IsDialogMessageA

winmm

PlaySoundA

winspool.drv

OpenPrinterA
WritePrinter
EndPagePrinter
StartDocPrinterA
EndDocPrinter
ClosePrinter
StartPagePrinter
EnumPrintersA

kernel32

CompareStringA
SetEndOfFile
CompareStringW
SetEnvironmentVariableA
HeapCreate
GetProcAddress
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetVersion
GetCommandLineA
GetStartupInfoA
DeleteFileA
GetLastError
TerminateProcess
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
GetLocalTime
GetTimeZoneInformation
WriteFile
GetEnvironmentVariableA
CreateFileA
ReadFile
FreeLibrary
LoadLibraryA
GetVersionExA
Beep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateProcessA
GetLocaleInfoA
GetModuleFileNameA
lstrcpyA
GetModuleHandleA
LCMapStringW
MulDiv
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GetOEMCP
GetACP
GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetTickCount
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
HeapDestroy
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetFilePointer
SetStdHandle

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

7e117b642969118d9d6d4cddaf0826c3

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

imm32

shell32

user32

winmm

winspool.drv

kernel32

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 44KB - Virtual size: 64KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 44KB - Virtual size: 64KB

.rsrc
Size: 32KB - Virtual size: 32KB