15916138746[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

15916138746.zip
Size

4.4MB
MD5

18f2ed5af57af0027d85c16b2f08d15b
SHA1

14ac35920956df02be37fc03201c69ed2fba93fe
SHA256

ce7e375700c2b4ae6a78273e2ad56fdad37d927f3917fe9914c642f4d20cf613
SHA512

452342dd2ba6ef44fe69ef2cbea1db5e8d06a65449190c37a70f59c4e93567c1e89cd371f7dd6bff5adbaa8e51477cf77bdffd88031325feef9b19935b7d6b57
SSDEEP

98304:bZgWtCS2IXtAXRl+Uoc9QofVyt6EX1HC5KXUWV6fsqBmyvbIYJ:bZgEtdAXRP9QMVrg11XUmO1tvbj

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack002/MV_IPTel/docs/MV_IPTel_Quick_Start.pdf	pdf_with_link_action
static1/unpack002/MV_IPTel/docs/MV_IPTel_Reference.pdf	pdf_with_link_action

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack002/MV_IPTel/bin/MV_IPTel_Services.exe
unpack002/MV_IPTel/bin/MV_Mgr.exe
unpack002/MV_IPTel/bin/MV_Pwd_Generator.exe
unpack002/MV_IPTel/bin/MV_Scan_Console.exe
unpack002/MV_IPTel/bin/libsnmp.dll
unpack002/MV_IPTel/bin/mvsnmpget.exe

Files

15916138746.zip
.zip

Password: infected
c42b1964954424949bfd9233f5539c790fa1447df29f5a69b5d5ace66c8c6853
.zip
MV_IPTel/bin/MV_IPTel.ini
MV_IPTel/bin/MV_IPTel_Services.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MV_IPTel/bin/MV_Mgr.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 559KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MV_IPTel/bin/MV_Pwd_Generator.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 323KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MV_IPTel/bin/MV_Scan_Console.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MV_IPTel/bin/libsnmp.dll
.dll windows:4 windows x86 arch:x86

28693ce1b1268b3ca1182b72823b05fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSACleanup
WSAStartup
getsockname
gethostname
select
__WSAFDIsSet
accept
recv
recvfrom
inet_addr
send
sendto
closesocket
ioctlsocket
gethostbyname
htons
socket
bind
connect
listen
getservbyname
ntohs
htonl
ntohl

msvcrt

_unlink
_mktemp
strchr
_stat
_adjust_fdiv
_initterm
toupper
wcsncmp
_ftime
_vsnprintf
localtime
setvbuf
sprintf
free
malloc
memmove
_snprintf
calloc
_strdup
strtol
strtok
_pctype
_isctype
__mb_cur_max
time
atoi
fprintf
strstr
getenv
_iob
strncmp
_putenv
strtoul
strrchr
tolower
fclose
fopen
ungetc
sscanf
getc
fgets
strerror
_errno
rename
srand
rand
strncpy
realloc
fputs

kernel32

GetTickCount
FindFirstFileA
FindNextFileA
FindClose
DisableThreadLibraryCalls
CreateDirectoryA

advapi32

RegQueryValueExA
RegCloseKey

Exports

Exports

MDbegin
MDupdate
Mib
add_mibdir
add_module_replacement
ascii_to_binary
asn_build_bitstring
asn_build_header
asn_build_int
asn_build_length
asn_build_null
asn_build_objid
asn_build_sequence
asn_build_string
asn_build_unsigned_int
asn_build_unsigned_int64
asn_parse_bitstring
asn_parse_header
asn_parse_int
asn_parse_length
asn_parse_null
asn_parse_objid
asn_parse_string
asn_parse_unsigned_int
asn_parse_unsigned_int64
atime_diff
atime_newMarker
atime_ready
atime_setMarker
binary_to_hex
calculate_time_diff
clear_tree_flags
closedir
config_perror
config_pwarn
copy_word
debug_indent
debug_indent_add
debug_is_token_registered
debug_register_tokens
debugmsg
debugmsg_hex
debugmsg_hextli
debugmsg_oid
debugmsgtoken
decode_keychange
ds_get_boolean
ds_get_int
ds_get_string
ds_register_config
ds_register_premib
ds_set_boolean
ds_set_int
ds_set_string
ds_toggle_boolean
dump_chunk
encode_keychange
find_best_tree_node
find_module
find_node
find_tree_node
fprint_description
fprint_objid
fprint_variable
free_config
generate_Ku
generate_kul
get_default_authtype
get_default_privtype
get_module_node
get_myaddr
get_node
get_symbol
get_tc_descriptor
get_tree
get_tree_head
get_uptime
get_wild_node
gettimeofday
hex_to_binary
hex_to_binary2
init_callbacks
init_mib
init_mib_internals
init_snmp
init_snmp_alarm
init_snmpv3
memdup
mkdirhier
opendir
printI64
printU64
print_ascii_dump
print_ascii_dump_tree
print_description
print_mib
print_mib_tree
print_objid
print_oid_report
print_oid_report_enable_labeledoid
print_oid_report_enable_oid
print_oid_report_enable_suffix
print_oid_report_enable_symbolic
print_subtree
print_value
print_variable
read_all_mibs
read_app_config_store
read_config_print_usage
read_config_read_data
read_config_read_octet_string
read_config_save_octet_string
read_config_store
read_config_store_data
read_config_with_type
read_configs
read_mib
read_module
read_objid
read_premib_configs
readdir
register_app_config_handler
register_config_handler
register_mib_handlers
run_alarms
sc_init
setenv
setup_engineID
skip_not_white
skip_white
snmp_add_null_var
snmp_add_var
snmp_api_errstring
snmp_async_send
snmp_build_var_op
snmp_call_callbacks
snmp_callback_available
snmp_clean_persistent
snmp_clone_mem
snmp_clone_pdu
snmp_clone_var
snmp_clone_varbind
snmp_close
snmp_count_callbacks
snmp_disable_stderrlog
snmp_duplicate_objid
snmp_enable_filelog
snmp_enable_stderrlog
snmp_enable_syslog
snmp_errno
snmp_error
snmp_errstring
snmp_fix_pdu
snmp_free_pdu
snmp_free_var
snmp_free_varbind
snmp_get_do_debugging
snmp_get_do_logging
snmp_get_dump_packet
snmp_get_next_sessid
snmp_get_next_transid
snmp_get_quick_print
snmp_get_random_access
snmp_get_statistic
snmp_get_suffix_only
snmp_get_token
snmp_in_toggle_options
snmp_in_toggle_options_usage
snmp_increment_statistic
snmp_increment_statistic_by
snmp_log
snmp_log_perror
snmp_mib_toggle_options
snmp_mib_toggle_options_usage
snmp_oid_compare
snmp_open
snmp_open_ex
snmp_out_toggle_options
snmp_out_toggle_options_usage
snmp_parse_oid
snmp_parse_var_op
snmp_pdu_add_variable
snmp_pdu_create
snmp_perror
snmp_read
snmp_realloc
snmp_register_callback
snmp_res_destroy_mutex
snmp_res_init
snmp_res_lock
snmp_res_unlock
snmp_save_persistent
snmp_select_info
snmp_send
snmp_sess_async_send
snmp_sess_close
snmp_sess_error
snmp_sess_init
snmp_sess_open
snmp_sess_perror
snmp_sess_read
snmp_sess_select_info
snmp_sess_send
snmp_sess_session
snmp_sess_synch_response
snmp_sess_timeout
snmp_set_detail
snmp_set_do_debugging
snmp_set_dump_packet
snmp_set_full_objid
snmp_set_mib_warnings
snmp_set_quick_print
snmp_set_random_access
snmp_set_save_descriptions
snmp_set_suffix_only
snmp_set_var_objid
snmp_set_var_value
snmp_shutdown
snmp_store
snmp_strcat
snmp_synch_response
snmp_synch_response_cb
snmp_synch_setup
snmp_timeout
snmp_varlist_add_variable
snmpv3_generate_engineID
snmpv3_get_engineID
snmpv3_local_snmpEngineBoots
snmpv3_local_snmpEngineTime
sprint_asciistring
sprint_objid
sprint_realloc_objid
sprint_realloc_variable
sprint_value
sprint_variable
store_vacm
strcasecmp
strncasecmp
tree_head
u64Subtract
unregister_app_config_handler
unregister_config_handler
uptime_string
usm_add_user
usm_cloneFrom_user
usm_create_initial_user
usm_create_user
usm_free_user
usm_get_user
usm_get_userList
usm_parse_config_usmUser
usm_parse_create_usmUser
usm_remove_user
usm_save_users
usm_set_user_password
usm_store_users
vacm_createAccessEntry
vacm_createGroupEntry
vacm_createViewEntry
vacm_destroyAccessEntry
vacm_destroyAllAccessEntries
vacm_destroyAllGroupEntries
vacm_destroyAllViewEntries
vacm_destroyGroupEntry
vacm_destroyViewEntry
vacm_getAccessEntry
vacm_getGroupEntry
vacm_getViewEntry
vacm_is_configured
vacm_parse_config_access
vacm_parse_config_group
vacm_parse_config_view
vacm_scanAccessInit
vacm_scanAccessNext
vacm_scanGroupInit
vacm_scanGroupNext
vacm_scanViewInit
vacm_scanViewNext
winsock_cleanup
winsock_startup
xdump
zeroU64

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MV_IPTel/bin/logo_avaya.gif
.gif
MV_IPTel/bin/mvsnmpget.exe
.exe windows:4 windows x86 arch:x86

279e94b2d184cc4312172e880f2ec8f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libsnmp

print_variable
snmp_free_pdu
snmp_fix_pdu
ds_get_boolean
fprint_objid
snmp_errstring
snmp_synch_response
snmp_close
snmp_parse_oid
snmp_pdu_create
winsock_cleanup
snmp_sess_perror
snmp_open
winsock_startup
ds_toggle_boolean
snmp_sess_init
snmp_get_do_debugging
debugmsgtoken
debugmsg
setenv
snmp_set_full_objid
snmp_set_suffix_only
snmp_set_quick_print
snmp_set_random_access
snmp_out_toggle_options
snmp_in_toggle_options
snmp_mib_toggle_options
debug_register_tokens
snmp_set_do_debugging
snmp_set_dump_packet
strcasecmp
hex_to_binary
init_snmp
ds_get_int
get_default_authtype
generate_Ku
snmp_perror
read_config_print_usage
get_default_privtype
ds_get_string
snmp_mib_toggle_options_usage
snmp_out_toggle_options_usage
snmp_add_null_var
snmp_in_toggle_options_usage

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
freopen
exit
fclose
atoi
__mb_cur_max
_isctype
_pctype
strtoul
malloc
_strdup
fflush
strchr
_iob
fprintf

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MV_IPTel/bin/snmperrors.txt
MV_IPTel/data/Backup/Fri_FTParchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/FTPData/FTP_Check.txt
.html
MV_IPTel/data/Backup/Fri_HTTPSarchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/46xxsettings.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/HTTPS_Check.txt
.html
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/HTTP_Check.txt
.html
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/J100Supgrade.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/av_prca_pem_2033.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/signatures/RootSA256.txt
MV_IPTel/data/Backup/Fri_HTTParchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/46xxsettings.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/HTTP_Check.txt
.html
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/J100Supgrade.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/av_prca_pem_2033.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/signatures/RootSA256.txt
MV_IPTel/data/Backup/Mon_FTParchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/FTPData/FTP_Check.txt
.html
MV_IPTel/data/Backup/Mon_HTTPSarchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/46xxsettings.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/EULA.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/HTTPS_Check.txt
.html
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/K1xxBSupgrade.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPSData/signatures/RootSA256.txt
MV_IPTel/data/Backup/Mon_HTTParchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/46xxsettings.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/EULA.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/HTTP_Check.txt
.html
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/K1xxBSupgrade.txt
Program Files (x86)/Avaya/MV_IPTel/data/HTTPData/signatures/RootSA256.txt
MV_IPTel/data/Backup/Thu_FTParchive.zip
.zip
Program Files (x86)/Avaya/MV_IPTel/data/FTPData/FTP_Check.txt
.html
MV_IPTel/data/Backup/Thu_HTTPSarchive.zip
.zip
MV_IPTel/data/Backup/Thu_HTTParchive.zip
.zip
MV_IPTel/data/Backup/Tue_FTParchive.zip
.zip
MV_IPTel/data/Backup/Tue_HTTPSarchive.zip
.zip
MV_IPTel/data/Backup/Tue_HTTParchive.zip
.zip
MV_IPTel/data/Backup/Wed_FTParchive.zip
.zip
MV_IPTel/data/Backup/Wed_HTTPSarchive.zip
.zip
MV_IPTel/data/Backup/Wed_HTTParchive.zip
.zip
MV_IPTel/data/FTPdata/FTP_Check.txt
.html
MV_IPTel/data/FTPdata/Fri_FTParchive.zip
.zip
MV_IPTel/data/FTPdata/Thu_FTParchive.zip
.zip
MV_IPTel/data/FTPdata/Tue_FTParchive.zip
.zip
MV_IPTel/data/FTPdata/Wed_FTParchive.zip
.zip
MV_IPTel/data/Scan/MV_Scan.param
MV_IPTel/docs/Avaya_License.rtf
.rtf
MV_IPTel/docs/MV_IPTel_Quick_Start.pdf
.pdf
MV_IPTel/docs/MV_IPTel_Reference.pdf
.pdf
MV_IPTel/docs/Net-SNMP-license.txt
MV_IPTel/docs/Readme.rtf
.rtf
MV_IPTel/log/HTTP-files.log
MV_IPTel/log/MV_IPTel.boot.log
MV_IPTel/log/MV_IPTel.log
MV_IPTel/log/iptel_logarchive.zip
.zip
MV_IPTel/templates/FTP_Check.txt
.html
MV_IPTel/templates/HTTPS_Check.txt
.html
MV_IPTel/templates/HTTP_Check.txt
.html
MV_IPTel/templates/TFTP_Check.txt
.html
MV_IPTel/templates/test.html
.html
MV_IPTel/templates/testhttps.html
.html

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

CODE Size: 1.1MB - Virtual size: 1.1MB

DATA Size: 34KB - Virtual size: 33KB

BSS Size: - Virtual size: 8KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 71KB - Virtual size: 71KB

.rsrc Size: 50KB - Virtual size: 50KB

Headers

File Characteristics

Sections

CODE Size: 559KB - Virtual size: 558KB

DATA Size: 8KB - Virtual size: 8KB

BSS Size: - Virtual size: 7KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 36KB - Virtual size: 36KB

.rsrc Size: 83KB - Virtual size: 83KB

Headers

File Characteristics

Sections

CODE Size: 323KB - Virtual size: 322KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 6KB

.idata Size: 8KB - Virtual size: 7KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 23KB - Virtual size: 23KB

.rsrc Size: 21KB - Virtual size: 21KB

Headers

File Characteristics

Sections

CODE Size: 314KB - Virtual size: 314KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 22KB - Virtual size: 21KB

.rsrc Size: 20KB - Virtual size: 20KB

28693ce1b1268b3ca1182b72823b05fe

Headers

File Characteristics

Imports

wsock32

msvcrt

kernel32

advapi32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 32KB - Virtual size: 58KB

.reloc Size: 20KB - Virtual size: 16KB

279e94b2d184cc4312172e880f2ec8f6

Headers

File Characteristics

Imports

libsnmp

msvcrt

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

CODE
Size: 1.1MB - Virtual size: 1.1MB

DATA
Size: 34KB - Virtual size: 33KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 71KB - Virtual size: 71KB

.rsrc
Size: 50KB - Virtual size: 50KB

CODE
Size: 559KB - Virtual size: 558KB

DATA
Size: 8KB - Virtual size: 8KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 83KB - Virtual size: 83KB

CODE
Size: 323KB - Virtual size: 322KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 6KB

.idata
Size: 8KB - Virtual size: 7KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 21KB - Virtual size: 21KB

CODE
Size: 314KB - Virtual size: 314KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 32KB - Virtual size: 58KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB