d3d4010f0cccdeb592f64d65505ff66796cbb71084742cc837b0611a7f515c37[.]zip

General

Target

d3d4010f0cccdeb592f64d65505ff66796cbb71084742cc837b0611a7f515c37.zip
Size

17KB
MD5

797bd261452e920b89c7247acc64d302
SHA1

0a3238eb10d04479c5b0b622b8753af8215977bf
SHA256

21155d0cc1ee95b5982b4c5446ad258c565d1de0c43f1d44305332053a776167
SHA512

1bbf4a2e85fc9588aed40d632f827ba2205270438a50b4f0a7605f4b1f25363a28baa44de29c1cb8845a66d71c4fea472fc8fccceb10a70b83144a477575fcef
SSDEEP

384:msxaC9Yshq8Y5OfWdx4tCO0dpTOiX1m9y4dFYdgZaMUtocqe869NO1a:rxav8YiWdx4CO0b9X1OdFYKstocqJmGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d3d4010f0cccdeb592f64d65505ff66796cbb71084742cc837b0611a7f515c37

Files

d3d4010f0cccdeb592f64d65505ff66796cbb71084742cc837b0611a7f515c37.zip
.zip

Password: threatbook
d3d4010f0cccdeb592f64d65505ff66796cbb71084742cc837b0611a7f515c37
.exe windows:4 windows x86 arch:x86

Password: threatbook

bcd0d6a33014834a7d493885494d79c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GetLastError
CloseHandle
CreateFileW
lstrlenW
DeleteFileW
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
LocalFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
HeapAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr

ole32

CoSetProxyBlanket
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: threatbook

Password: threatbook

bcd0d6a33014834a7d493885494d79c0

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 16KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 16KB