General
-
Target
C.7z
-
Size
129KB
-
MD5
a9075ca14d869f6fee04002f056b50dc
-
SHA1
9e939b65b71fb8b58daefd3e2a546d36279cf837
-
SHA256
9036e7749d396f69e48a41e35a1dc7638d8dc97d109bb6de3f9bee3e4fab62f4
-
SHA512
64a6afcede6a908918c981c702aa3b344e4e2bb8c9b8f1987e432a33b20145bd7759ff2e6116c37bb01a2bd2495ec49bfaefcf334f9937f2748a2527a24e9e71
-
SSDEEP
3072:wXPfWMQTsabvJfpTlak8PMxm5jyjopyrh3fXmQe5sjU1XsL13spEeJbRx:wWzvtpRaklmIjAyrhPXGv8L6EINx
Malware Config
Extracted
formbook
4.1
sl07
stryper.net
riseandvibetime.com
thebenmorley.com
kdfdq.com
pet4cus.com
agrosoft.farm
utopiagood.com
sanduskyspeedway.com
eldozz-quarter.top
weixuninvest.com
taxiboativano.net
odvip377.com
bubblegome.com
peakwealtharchitects.com
mondaytoyoulive.lat
huohullq.com
the-inferno-slots-casino.top
yy88abcd88yyy.xyz
azbenfica.com
hunectar.com
6609.us
softenamelpins.com
lv46gc.vip
kancase.com
mygpmoments.com
0ezutb.com
schoolsafetysummit.com
fc888.life
desscz.info
sandibet88.net
qwlvxdxsyyxvmcv.college
whiteningsolutions.life
sobattoto.lol
wholesalefreshweed.com
catchaone.com
wanderingmemoriess.com
2taobao413ba.xyz
mcc888.info
juthaiworld.com
mufvrr.com
columbusjacks.com
othershealth.com
ventureinproperties.com
8gvip116.top
bifocalsunnies.shop
arch-it.tech
descartesmedical.com
nexaportfoliostrategies.com
icloud-idevicesmaps.us
dyerene.com
thesunflowercarwash.com
crystalcreekcraftsllc.store
gocumgirl.com
annelizabethco.com
nice888-web.com
totaleclipse2044.com
servicioelectrigas.com
uwaco.xyz
trumpmagiccoin.xyz
starnaloja.com
usxng.pw
mellox.net
glassemergencyreplacement.com
fptcoaching.com
manuelcastanho.com
Signatures
Files
-
C.7z.7z
Password: infected
-
C.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ