wine file[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

wine file.zip
Size

303KB
MD5

e5ff7aa43150b1f7cb092b89685a02ba
SHA1

8888ee913f68ab43b62500ae5e6155ea092db692
SHA256

4bcf86b5cc60feb9121119054a9f6dde176ce2f6d9c5ee9184b5ced99baac587
SHA512

4439acfca8274698d3ac831b629cf0117b381dc944c9971fb8fb2fe24831e9f4829fa24b29b722d96d1e0aef919f5e4d279a2ccdead61cbe7be5616de76e3da3
SSDEEP

6144:bekHMfd5VA9THVKA63tNcOvLmRCn/xICYP5iI43B0mVTpGlBVjfhkq:i4A5VmTHVKA63AOvowxI5/43SmPOBFff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/winhlp32.exe

Files

wine file.zip
.zip

Password: Infected
winhlp32.exe
.exe windows:4 windows x86 arch:x86

Password: Infected

af10a58ae1c3d36ba70af01f60f8aa1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
TextOutA
SetBkColor
DeleteEnhMetaFile
CreateCompatibleDC
GetEnhMetaFileBits
SetTextColor
CloseEnhMetaFile
CreateFontIndirectW
CreateEnhMetaFileW
GetTextExtentPointA
CreateDIBitmap
SelectObject
DeleteDC
BitBlt
GetTextMetricsW
CreateBitmap

kernel32

HeapFree
_lclose
ResolveDelayLoadedAPI
GetModuleHandleA
lstrcmpiA
HeapReAlloc
GetCommandLineA
DelayLoadFailureHook
GetFileAttributesA
GetTickCount
GetCurrentDirectoryA
GetModuleHandleW
IsBadStringPtrA
MulDiv
_hread
CreateFileA
OpenFile
GetStartupInfoA
HeapAlloc
CloseHandle
SearchPathA
GetProcAddress
LoadLibraryA

ntdll

_vsnprintf

ucrtbase

_assert
_get_initial_narrow_environment
strcpy
strcat
__p___argc
_errno
fwrite
memcmp
strcmp
__stdio_common_vsprintf
_configure_narrow_argv
__acrt_iob_func
malloc
strlen
getenv
memmove
__stdio_common_vfprintf
strrchr
__p___argv
free
strtol
memcpy
realloc
_strdup
calloc
_set_app_type
_initialize_narrow_environment
strcspn
exit
_stricmp
strchr

user32

GetWindow
CheckMenuItem
GetDC
CreateIconFromResourceEx
ReleaseDC
SystemParametersInfoW
DispatchMessageW
DefWindowProcA
SendDlgItemMessageW
RegisterClassExA
MessageBoxA
SetFocus
LoadMenuW
ShowWindow
DestroyIcon
MoveWindow
GetSubMenu
EndPaint
GetParent
TranslateMessage
GetWindowLongA
AdjustWindowRect
RedrawWindow
BeginPaint
CreateWindowExA
LoadImageW
TranslateAcceleratorW
PostMessageW
LoadStringA
GetMessageW
LoadAcceleratorsW
GetMenu
DestroyMenu
SetWindowLongA
GetClientRect
wsprintfA
SendMessageW
GetWindowRect
SetCursor
LoadIconW
SendMessageA
EnableWindow
GetWindowLongW
SetWindowPos
GetDlgItem
GetSystemMetrics
SetActiveWindow
GetMessagePos
ScreenToClient
CallWindowProcA
MessageBoxW
LoadCursorW
SetWindowTextA
PostQuitMessage
LoadStringW
ClientToScreen
TrackPopupMenu
InvalidateRect
DestroyWindow
SetWindowLongW

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 572B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 4KB - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Infected

Password: Infected

af10a58ae1c3d36ba70af01f60f8aa1c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ntdll

ucrtbase

user32

Sections

.text Size: 84KB - Virtual size: 83KB

.data Size: 4KB - Virtual size: 2KB

.rdata Size: 16KB - Virtual size: 13KB

/4 Size: 4KB - Virtual size: 180B

.bss Size: - Virtual size: 572B

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 136KB - Virtual size: 132KB

/14 Size: 4KB - Virtual size: 344B

/29 Size: 196KB - Virtual size: 194KB

/41 Size: 12KB - Virtual size: 10KB

/55 Size: 72KB - Virtual size: 68KB

/67 Size: 12KB - Virtual size: 10KB

/80 Size: 4KB - Virtual size: 2KB

/91 Size: 100KB - Virtual size: 98KB

/102 Size: 20KB - Virtual size: 19KB

.text
Size: 84KB - Virtual size: 83KB

.data
Size: 4KB - Virtual size: 2KB

.rdata
Size: 16KB - Virtual size: 13KB

/4
Size: 4KB - Virtual size: 180B

.bss
Size: - Virtual size: 572B

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 136KB - Virtual size: 132KB

/14
Size: 4KB - Virtual size: 344B

/29
Size: 196KB - Virtual size: 194KB

/41
Size: 12KB - Virtual size: 10KB

/55
Size: 72KB - Virtual size: 68KB

/67
Size: 12KB - Virtual size: 10KB

/80
Size: 4KB - Virtual size: 2KB

/91
Size: 100KB - Virtual size: 98KB

/102
Size: 20KB - Virtual size: 19KB