c86a9b7d467bb33eea1b340ce58f143bda046378[.]zip

Resubmissions

11/06/2024, 16:06

240611-tj8c8atanr 3

Sharing

Copy URL Twitter E-mail

General

Target

c86a9b7d467bb33eea1b340ce58f143bda046378.zip
Size

10.3MB
MD5

2227c9f2c5b8634ebc3a4903104d5445
SHA1

79f73bbf0f7b7c6c21f0b82266c9ce44f89656d9
SHA256

7daa0aec9bd3c5c968988434ae68a19df4fc9718d20d53745cd4d098f99ea6e2
SHA512

9716a768d74050bf013994b95f90cd6c6c150243d6c0651f838b4b1b4b686b89d470c687d940bd33beaafb51e84f98bd0e3bf354778d14c0840b546ca56db82e
SSDEEP

196608:zVW3/wtlC29RvDbywxM3pjcj3ZicGAFYk2WwHRPIaKm6hVkvy6uAFK0k9mrpKtrE:DfCsywxMI3YZk2PKmCMuAE1ot9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c86a9b7d467bb33eea1b340ce58f143bda046378

Files

c86a9b7d467bb33eea1b340ce58f143bda046378.zip
.zip

Password: infected
c86a9b7d467bb33eea1b340ce58f143bda046378
.exe windows:5 windows x64 arch:x64

bc27fadd154075e14c59584515d0a87f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\source\source.ACL\86254\Release_wdexe_23\WX\x64\Release\WDExe.pdb

Imports

kernel32

GetModuleFileNameW
GetLastError
CreateFileMappingW
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetVersionExA
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CreateEventW
GetStartupInfoW
MulDiv
SetEvent
WaitForSingleObject
ReleaseMutex
CreateMutexW
OpenFileMappingW
FreeLibrary
FindResourceW
LoadResource
LockResource
FreeResource
GetTempPathW
GetTempFileNameW
GetCurrentProcessId
SizeofResource
FormatMessageW
LocalFree
GetCommandLineW
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
LocalAlloc
GetVersionExW
LoadLibraryW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetVolumeInformationW
WriteFile
ReadFile
SetFilePointer
LockFile
LockFileEx
UnlockFile
UnlockFileEx
FlushFileBuffers
SetEndOfFile
SetErrorMode
SetLastError
SystemTimeToFileTime
FileTimeToSystemTime
CreateFileW
GetTickCount
Sleep
DeleteFileW
MoveFileW
CopyFileW
CreateDirectoryW
FindFirstFileW
FindClose
GetFileAttributesW
SetFileAttributesW
FindFirstFileExW
FindNextFileW
GetFullPathNameW
GetDriveTypeW
HeapFree
GetProcessHeap
HeapAlloc
TlsSetValue
TlsGetValue
VirtualQuery
TlsAlloc
TlsFree
GetCurrentThreadId
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
WideCharToMultiByte
CompareStringW
CompareStringA
GetTimeZoneInformation
LoadLibraryA
CreateSemaphoreW
ReleaseSemaphore
ResumeThread
TerminateThread
CreateThread
GetProfileStringW
GetExitCodeProcess
GetSystemDefaultLangID
GetMailslotInfo
GetComputerNameW
ExpandEnvironmentStringsW
CreateMailslotW
CreateProcessW
RaiseException
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
HeapReAlloc
RtlPcToFileHeader
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
LCMapStringW
HeapSize
RtlUnwindEx
PeekNamedPipe
GetFileType
GetCurrentDirectoryA
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA

Exports

Exports

CommandeComposante
DeclareProxy
Execution
LibereMutex

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22.0MB - Virtual size: 22.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

bc27fadd154075e14c59584515d0a87f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 216KB - Virtual size: 216KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 15KB - Virtual size: 27KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 22.0MB - Virtual size: 22.0MB

.text
Size: 216KB - Virtual size: 216KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 15KB - Virtual size: 27KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 22.0MB - Virtual size: 22.0MB