Your file is ready to download[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Your file is ready to download.7z
Size

406KB
MD5

aabcb65c94b98f09a1d67497fbf7067e
SHA1

cfb3e166bfa60c798a8a26b49e2706c76020f78b
SHA256

310d61b06393531a0c3b9ab01e4b935913d76c98b9b289d208edbd789b6703e6
SHA512

b410e65fe48f63ea8f28fea131f9b60a368e4a3371c23ce6899d7b520e6e9c5cffef8898c804d8a1d018f197cb1e61dbd2b76bcd29303e1e00386bcd9bf13359
SSDEEP

6144:qYdseAI8pWHtjdcjJ7G942iLJN/8owy4udid9HCmsWrlrVhaed3mXqo:qYdxAtQaFe42yJ6o14SsL3Vh1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Your file is ready to download.exe

Files

Your file is ready to download.7z
.7z

Password: giga nigga
Your file is ready to download.exe
.exe windows:6 windows x64 arch:x64

Password: giga nigga

f0cd570f4d987cd60af68729bd4797b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

AdjustTokenPrivileges
EventEnabled
EventRegister
EventUnregister
EventWrite
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegQueryValueExW

bcrypt

BCryptGenRandom

kernel32

AddVectoredExceptionHandler
CancelThreadpoolIo
CloseHandle
CloseThreadpoolIo
CloseThreadpoolWait
CloseThreadpoolWork
CreateEventExW
CreateEventW
CreateIoCompletionPort
CreatePipe
CreateProcessW
CreateThread
CreateThreadpoolIo
CreateThreadpoolWait
CreateThreadpoolWork
DebugBreak
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushInstructionCache
FlushProcessWriteBuffers
FormatMessageW
FreeLibrary
GetCPInfoExW
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessorNumberEx
GetCurrentThread
GetCurrentThreadId
GetEnabledXStateFeatures
GetEnvironmentVariableW
GetExitCodeProcess
GetFileInformationByHandleEx
GetFileType
GetLargePageMinimum
GetLastError
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx
GetNumaProcessorNodeEx
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetProcessGroupAffinity
GetProcessHeap
GetProcessId
GetQueuedCompletionStatus
GetQueuedCompletionStatusEx
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemTimes
GetThreadContext
GetThreadIOPendingFlag
GetThreadIdealProcessorEx
GetThreadPriority
GetTickCount64
GetWriteWatch
GlobalMemoryStatusEx
HeapAlloc
HeapFree
InitializeConditionVariable
InitializeContext
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
IsDebuggerPresent
IsProcessInJob
K32EnumProcesses
K32GetProcessMemoryInfo
LeaveCriticalSection
LoadLibraryExW
LocalAlloc
LocalFree
MultiByteToWideChar
OpenProcess
PostQueuedCompletionStatus
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseFailFastException
ResetEvent
ResetWriteWatch
ResumeThread
RtlCaptureContext
RtlRestoreContext
RtlVirtualUnwind
SetConsoleTextAttribute
SetEvent
SetFilePointerEx
SetLastError
SetThreadAffinityMask
SetThreadContext
SetThreadErrorMode
SetThreadGroupAffinity
SetThreadIdealProcessorEx
SetThreadPriority
SetThreadpoolWait
SetXStateFeaturesMask
Sleep
SleepConditionVariableCS
SleepEx
StartThreadpoolIo
SubmitThreadpoolWork
SuspendThread
SwitchToThread
TerminateProcess
VirtualAlloc
VirtualAllocExNuma
VirtualFree
VirtualProtect
VirtualQuery
VirtualUnlock
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolWaitCallbacks
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
__chkstk

ole32

CoGetApartmentType
CoInitializeEx
CoUninitialize
CoWaitForMultipleHandles

shell32

CommandLineToArgvW

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-math-l1-1-0

ceil
cos
pow
sin

api-ms-win-crt-convert-l1-1-0

strtoull

api-ms-win-crt-string-l1-1-0

_stricmp
strcmp

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.managed
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 249B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hydrated
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: giga nigga

Password: giga nigga

f0cd570f4d987cd60af68729bd4797b6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

kernel32

ole32

shell32

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

Sections

.text Size: 255KB - Virtual size: 255KB

.rdata Size: 274KB - Virtual size: 273KB

.data Size: 5KB - Virtual size: 48KB

.pdata Size: 44KB - Virtual size: 44KB

.managed Size: 435KB - Virtual size: 434KB

.tls Size: 512B - Virtual size: 249B

hydrated Size: - Virtual size: 208KB

.reloc Size: 1024B - Virtual size: 972B

.text
Size: 255KB - Virtual size: 255KB

.rdata
Size: 274KB - Virtual size: 273KB

.data
Size: 5KB - Virtual size: 48KB

.pdata
Size: 44KB - Virtual size: 44KB

.managed
Size: 435KB - Virtual size: 434KB

.tls
Size: 512B - Virtual size: 249B

hydrated
Size: - Virtual size: 208KB

.reloc
Size: 1024B - Virtual size: 972B