C:\hoz\zelowumizu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7990c0afc6694f3ea41d8356ec113152b66ebc0e3be8fc58a594e663fa690883.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7990c0afc6694f3ea41d8356ec113152b66ebc0e3be8fc58a594e663fa690883.exe
Resource
win10v2004-20240412-en
General
Target: 58902429df5e64c70c068181f907dfa6dc19c29b00b9063e6d8818d70d5886c3
Size: 167KB
MD5: 3a748aa64bad6b6be7c606b81802b658
SHA1: 6e93d6f0e8681427ea9c6ff1fb24a048222d73f3
SHA256: 58902429df5e64c70c068181f907dfa6dc19c29b00b9063e6d8818d70d5886c3
SHA512: 711dac157062a64bb5ac59db789241f93c0a348f725ccb38cd62b7f76196c7b81d475f08f9b2543409128a0b066d865e0c5dd62cd086a0ce7b32df85b27513bd
SSDEEP: 3072:+5GX6r8yad2HtEspQumhC9u1zDxIDrSaVOs19l9ODxwT3u2axa5dp:MtopAHcCo5+rSakC9l90ST3GYdp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/7990c0afc6694f3ea41d8356ec113152b66ebc0e3be8fc58a594e663fa690883.exe
Files
-
58902429df5e64c70c068181f907dfa6dc19c29b00b9063e6d8818d70d5886c3.zip
Password: infected
-
7990c0afc6694f3ea41d8356ec113152b66ebc0e3be8fc58a594e663fa690883.exe.exe windows:5 windows x86 arch:x86
d4138b432a7697c021fd47de2dca309f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetComputerNameExA
AllocConsole
GetConsoleAliasExesLengthA
FindResourceW
BuildCommDCBAndTimeoutsA
DeleteVolumeMountPointA
GlobalAddAtomA
GetCommState
GetSystemWindowsDirectoryW
CreateDirectoryW
AddConsoleAliasW
FreeEnvironmentStringsA
GetModuleHandleW
GetTickCount
ReadDirectoryChangesW
GetConsoleAliasesA
GetPriorityClass
WideCharToMultiByte
LoadLibraryW
IsProcessorFeaturePresent
GetConsoleAliasW
GetVolumePathNameA
FillConsoleOutputCharacterW
GetLastError
InterlockedFlushSList
SetLastError
BackupRead
PeekNamedPipe
VirtualAlloc
PeekConsoleInputW
CreateNamedPipeA
RemoveDirectoryA
EnumSystemCodePagesW
InterlockedExchangeAdd
OpenWaitableTimerW
LocalAlloc
GetNumberFormatW
SetConsoleWindowInfo
FoldStringA
DebugSetProcessKillOnExit
GetModuleHandleA
UpdateResourceW
FatalExit
FreeEnvironmentStringsW
VirtualProtect
ReadConsoleInputW
GetWindowsDirectoryW
SetFileAttributesW
LocalFileTimeToFileTime
WriteConsoleW
GetConsoleOutputCP
FindFirstFileW
CreateFileA
GetProcAddress
WriteConsoleA
CloseHandle
HeapFree
Sleep
ExitProcess
GetStartupInfoW
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
HeapSize
MultiByteToWideChar
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
user32
ChangeDisplaySettingsW
LoadMenuW
CharToOemBuffW
gdi32
GetCharWidthA
GetCharABCWidthsFloatA
GetBoundsRect
ole32
StringFromCLSID
Sections
.text Size: 176KB - Virtual size: 176KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 716KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ