Static task
static1
General
-
Target
zefoy-main.zip
-
Size
5.0MB
-
MD5
39ed17e06a97301c0d90ce09da0513d9
-
SHA1
5f60010ba8fa63becac6de62e33221382e57adb2
-
SHA256
0202e0bbfd584ffec3e74a74415d79c98be1af6e66842c67bd5190a4570246af
-
SHA512
8f3eac85eb9b25e4f0b2ad20a748ebe4c28092dbef385399b5bf77944a368b71736ab7dbe96377137d71f2b65a0af34a44b0c32cb7cd95f403cea8663d17f0a9
-
SSDEEP
98304:cm/06zbiDGFnoWFjfAgiQWdeELVHFWb0v/fz51ZrozZJRoU6ClTFzc+MxW:f5FDlRWdBhlsynz5joFJ56ClTFzc+MxW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/zefoy-main/to update/executables/main.exe
Files
-
zefoy-main.zip.zip
-
zefoy-main/LICENSE
-
zefoy-main/README.md
-
zefoy-main/main.py
-
zefoy-main/to update/README.md
-
zefoy-main/to update/executables/main.exe.exe windows:6 windows x64 arch:x64
9cbefe68f395e67356e2a5d8d1b285c0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 766KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
/4 Size: 512B - Virtual size: 295B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/19 Size: 474KB - Virtual size: 473KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/32 Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/46 Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/65 Size: 906KB - Virtual size: 905KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/78 Size: 647KB - Virtual size: 646KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/90 Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.symtab Size: 422KB - Virtual size: 421KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
zefoy-main/to update/go.mod
-
zefoy-main/to update/go.sum
-
zefoy-main/to update/main.go
-
zefoy-main/to update/main.py
-
zefoy-main/to update/old/README.md
-
zefoy-main/to update/old/other/source.py
-
zefoy-main/to update/old/views.py