file_064dec30198c4120813bcb6250bac4d2_2024-07-01_03_55_35_309000[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

file_064dec30198c4120813bcb6250bac4d2_2024-07-01_03_55_35_309000.zip
Size

230KB
MD5

4da600bd43f6a8a28569aabdad25f8c7
SHA1

024084aeaaa435a84be45c14607f8b6532ea3a2c
SHA256

3fbf8ac5e92de58698c7fdee946d801c36cc20680acf0e5ac66e18211d0cf399
SHA512

e85c8983397727fc6652357de14b46416e4438d7bcb33327748a20b236641c65c2c8bbe3e59c7ebdc156639495cabc163dcc5c494ea0a11a693ef140ca140977
SSDEEP

6144:YQoJgleQ+2S3U1UKmOLz6Jdph4S1TddILohP3ykJn16jxTNof:YQoEeQxGUi1/mSx75CkJn16jlS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/entry001/pkzipc.exe

Files

file_064dec30198c4120813bcb6250bac4d2_2024-07-01_03_55_35_309000.zip
.zip
entry001/pkzipc.exe
.exe windows:4 windows x86 arch:x86

a342e375d59aa6c806bef0c93443c016

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCtrlHandler
GetSystemTime
CompareFileTime
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
GetFullPathNameA
GetDiskFreeSpaceA
GetTempFileNameA
GetLastError
SystemTimeToFileTime
CreateFileA
GetStdHandle
ReadFile
WriteFile
CloseHandle
SetEndOfFile
SetFilePointer
GetFileAttributesA
DeviceIoControl
GetConsoleScreenBufferInfo
GetProcAddress
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileTime
SetVolumeLabelA
FindFirstFileA
FindNextFileA
FindClose
GetTickCount
GetVolumeInformationA
GetDriveTypeA
FlushConsoleInputBuffer
GetCurrentDirectoryA
SetCurrentDirectoryA
GetShortPathNameA
GetLocaleInfoA
GetVersion
SetErrorMode
WideCharToMultiByte
GetFileSize
GetVersionExA
SetFileAttributesA
GetModuleHandleA
FreeLibrary
LoadLibraryA
HeapSize
GetStartupInfoA
GetConsoleMode
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetLocalTime
MoveFileA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
ReadConsoleInputA
SetConsoleMode
FlushFileBuffers
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetStringTypeA
GetStringTypeW
SetStdHandle
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA

user32

CharToOemBuffA
OemToCharBuffA
wsprintfA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

SHFileOperationA

Sections

.text
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 228KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.relo2
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

a342e375d59aa6c806bef0c93443c016

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: - Virtual size: 224KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: - Virtual size: 175KB

.rsrc Size: 4KB - Virtual size: 1KB

.pklstb Size: 228KB - Virtual size: 244KB

.relo2 Size: 4KB - Virtual size: 60B

.text
Size: - Virtual size: 224KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: - Virtual size: 175KB

.rsrc
Size: 4KB - Virtual size: 1KB

.pklstb
Size: 228KB - Virtual size: 244KB

.relo2
Size: 4KB - Virtual size: 60B