Nicht bestätigt 879324[.]crdownload

Resubmissions

07-06-2024 15:13

240607-slps8aac5v 10

07-06-2024 15:11

240607-sk3zfsbb99 10

07-06-2024 15:08

240607-sh7vmaac2s 10

07-06-2024 15:05

240607-sgnqcsbb65 10

Sharing

Copy URL

Twitter E-mail

General

Target

Nicht bestätigt 879324.crdownload
Size

1.4MB
MD5

e3970ffa96653f138e63ad0148970dac
SHA1

b466278571bc1b20f2cf767b2222c17449ee1dbc
SHA256

5a32b1864bcb2d237aca956c3b7474c2de484c38cbaa608ab5ffc71214bae2b8
SHA512

af9e28a39cda24521ad4239d8c616bffbb63a44ae3efedbf9320f83146b5ada758fc2d76fdba07e89bf9066088fd7159650b66c998549c49fbdade1022c0a163
SSDEEP

24576:CvJwL1rOBrsdTKf8oyVJHOohsXiV61rbXWcbd7JFV9MGiwS5OlliRw+gj8jbpRtQ:yJwxrOBaTKf8NVtOPXdbNHFVKc/izgjz

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Zeus 4.7.2.exe
unpack001/ZeusHex-GUI.dll

Files

Nicht bestätigt 879324.crdownload
.zip

Password: 123456
Zeus 4.7.2.exe
.exe windows:4 windows x86 arch:x86

Password: 123456

a9c887a4f18a3fede2cc29ceea138ed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

malloc
memset
strcmp
strcpy
getenv
sprintf
fopen
fwrite
fclose
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

shell32

ShellExecuteA

kernel32

SetUnhandledExceptionFilter

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Zeus-GUI.pdb
ZeusHex-GUI.deps.json
ZeusHex-GUI.dll
.exe windows:4 windows x86 arch:x86

Password: 123456

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\tickr\Downloads\SecHex-Spoofy-main (4)\SecHex-Spoofy-main\SecHex-GUI\SecHex-GUI\obj\Debug\net6.0-windows\SecHex-GUI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZeusHex-GUI.runtimeconfig.json

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 123456

Password: 123456

a9c887a4f18a3fede2cc29ceea138ed3

Headers

File Characteristics

Imports

msvcrt

shell32

kernel32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 152KB - Virtual size: 152KB

.bss Size: - Virtual size: 4B

.rsrc Size: 17KB - Virtual size: 17KB

Password: 123456

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 152KB - Virtual size: 152KB

.bss
Size: - Virtual size: 4B

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B