cuciw5h4clsi2h[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

cuciw5h4clsi2h.zip
Size

1.4MB
MD5

60dc63f8a518bd9b3d654d5a5007ebae
SHA1

011f5673f37a689f9b486039a59eed66f3fd5aea
SHA256

52bf60cbb33b9a79c863d11ec0541af18e04aab3e9c69e74dccc15d72014e980
SHA512

e17105b34719efee7219d805fd267388302af7329639b8df216cc04a7a078dec9edd6eecb545d482be794adc5eabd885dc0124d93e9f2029a320eb37f611f41e
SSDEEP

24576:BhOI8NtT+PqD1N71vDIaZr1yxxRiih4N/243Y/+mbDhkClS//zMcinA2L9ZCNDkf:BhKNtyPC1N7tDIaV1SRNAEHhkCIng5B5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jppye.exe

Files

cuciw5h4clsi2h.zip
.zip

Password: mh
jppye.exe
.exe windows:6 windows x86 arch:x86

Password: mh

583cc2ef28f6fe36f423c4f7908aa09a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

PostThreadMessageA
CharUpperBuffW

advapi32

AllocateAndInitializeSid

ws2_32

listen

mswsock

GetAcceptExSockaddrs

ole32

CoUninitialize

crypt32

CertCloseStore

iphlpapi

GetIpNetTable

oleaut32

SysFreeString

shlwapi

SHDeleteKeyW

Sections

x"4+z'cA
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

9o@Uvw'?
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0/5l0BZP
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

J;'jw"5G
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hhqgaxk^
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WMqv5lo0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

\j[-L./;
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

73eZ4mDF
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: mh

Password: mh

583cc2ef28f6fe36f423c4f7908aa09a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

mswsock

ole32

crypt32

iphlpapi

oleaut32

shlwapi

Sections

x"4+z'cA Size: - Virtual size: 1.2MB

9o@Uvw'? Size: - Virtual size: 316KB

0/5l0BZP Size: - Virtual size: 49KB

J;'jw"5G Size: - Virtual size: 696KB

hhqgaxk^ Size: 2KB - Virtual size: 1KB

WMqv5lo0 Size: 1.5MB - Virtual size: 1.5MB

\j[-L./; Size: 1KB - Virtual size: 1KB

73eZ4mDF Size: 512B - Virtual size: 480B

x"4+z'cA
Size: - Virtual size: 1.2MB

9o@Uvw'?
Size: - Virtual size: 316KB

0/5l0BZP
Size: - Virtual size: 49KB

J;'jw"5G
Size: - Virtual size: 696KB

hhqgaxk^
Size: 2KB - Virtual size: 1KB

WMqv5lo0
Size: 1.5MB - Virtual size: 1.5MB

\j[-L./;
Size: 1KB - Virtual size: 1KB

73eZ4mDF
Size: 512B - Virtual size: 480B