0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6[.]zip

Resubmissions

09/04/2024, 13:55

09/04/2024, 13:55

09/04/2024, 13:55

09/04/2024, 13:55

17/04/2023, 17:10

Target

0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6.zip
Size

1.1MB
MD5

a3ef7f3fab1b3bd5fe855c0d1c271fa8
SHA1

30e840f8c5c8518e095b2f14256d6dbe466d5bfa
SHA256

1d625920387b3da81920859a12df91efb0cd03aa82bcdb6d18db2a5d63fb4685
SHA512

53ac17d85428d1c8d4f4ff9d60f2fa423d2555c26b13971bbff7041c43e958635f57ad422604315ce49046570e26252cb49865f17afdb92861a26b949059e057
SSDEEP

24576:v0WemFBcWpqqtWV+jG4qNNavEj4SZ6GAlNeQOGfB3LgeZnc4qnlp:bUUpU+jG4x44S3AlNsGZUsc4+3

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6.exe

0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6.zip
.zip

Password: infected
0bb8e0a1827e48b851b152f46b68d0b8c0f8d7fb315bca2c204c42f153d13ac6.exe
.exe windows:4 windows x86 arch:x86

Password: infected

900a5641d85f1db8128310252e51b07f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
Sleep
lstrcmpiA
lstrcpyA
GlobalFree
GlobalAlloc
GetVersion
GetModuleFileNameA
GetLastError
GetEnvironmentVariableA
ExitProcess
CreateProcessA
CreateFileA
lstrcatA
CloseHandle

advapi32

StartServiceA
OpenServiceA
OpenSCManagerA
LookupAccountSidA
GetUserNameA
DeleteService
CreateServiceA
ConvertStringSidToSidA
CloseServiceHandle
StartServiceCtrlDispatcherA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ