ap-file-vaultFile9081945144037048205[.]vol-873034707[.]zip

General

Target

ap-file-vaultFile9081945144037048205.vol-873034707.zip
Size

105KB
MD5

0529b8d11702c1d6f13d61f82986eea0
SHA1

6ade799e18ec4a97c3d5eefa22324c9f3a1c63f0
SHA256

25ae68cdffbc5665b2ab458aa70b6273445130f021088a7bdc08b7fdfcb94b77
SHA512

a46931af14af53550540536ea6280b7c84ff6b4f676e13e04078476e2ca1cb9392cd64c3f2c3f76121816584d777e9de53f80b4d429b9d4063848cea069e3058
SSDEEP

3072:WhFBTHAedZav9xOsJqLnt4xb1j0gAsdhw7Y:0FBTHAeOusELnQRB8Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/vaultFile9081945144037048205.vol

Files

ap-file-vaultFile9081945144037048205.vol-873034707.zip
.zip

Password: cautionhandlewithcare
vaultFile9081945144037048205.vol
.exe windows:4 windows x86 arch:x86

Password: cautionhandlewithcare

ab4e1d9d23e055febe406d1bcb01c527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

msvcrt

__p__fmode
__set_app_type
__p__commode
_strlwr
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fseek
ftell
rewind
fread
strncmp
fprintf
??2@YAPAXI@Z
strrchr
strncpy
fwrite
fopen
fclose
setlocale
sprintf
??3@YAXPAX@Z
_except_handler3
_controlfp

kernel32

GetModuleHandleA
CreatePipe
GetStartupInfoA
GetSystemDirectoryA
CreateProcessA
ReadFile
FindNextFileA
FindClose
GetFileAttributesA
FindFirstFileA
SetEvent
ReadDirectoryChangesW
WideCharToMultiByte
GetLogicalDrives
GetDriveTypeA
CloseHandle
CreateFileA
CreateThread
WaitForSingleObject
TerminateThread
Sleep
OpenEventA
CreateEventA
GetModuleFileNameA
GetTempPathA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vaultFile9081945144037048205.vol.METADATA

Sharing

General

Malware Config

Signatures

Files

Password: cautionhandlewithcare

Password: cautionhandlewithcare

ab4e1d9d23e055febe406d1bcb01c527

Headers

File Characteristics

Imports

shell32

msvcrt

kernel32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 5KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 5KB

.rsrc
Size: 29KB - Virtual size: 28KB