LangDialog
Static task
static1
General
-
Target
18133056614.zip
-
Size
3KB
-
MD5
99404a6c85555f599016360ecbe4f2c2
-
SHA1
ac974d3d250e557cbae671a361d22b9f65204918
-
SHA256
83ad3e65866dbb1f3679b91085b9d9eb29e27c2b6cd125877f59c7d49ef313ef
-
SHA512
96a58984c9c9ad8475c17302a68b7d6425c80f367db64601e50b6d9b1b73711f0531a050d8c5fc966bbd4a26e21fa61b07197759ca4594879e5fbcd617f4f87d
Malware Config
Signatures
-
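Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. An unsigned PE is a weak signal on its own, since many legitimate binaries ship unsigned; weigh it together with the other findings.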
resource unpack001/cda679d62e2852d900f412239e7c01a64a928db6c0cc03b8fa0c1eabdfe815c4
Files
-
18133056614.zip.zip
Password: infected
-
cda679d62e2852d900f412239e7c01a64a928db6c0cc03b8fa0c1eabdfe815c4.dll windows:6 windows x64 arch:x64
893224663c45860250e8263bde6f011b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
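File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations and has to load at its preferred base address. IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is also absent from the DLL characteristics listed above, so this DLL is not ASLR-compatible and IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA has no practical effect.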
Imports
kernel32
GetModuleHandleW
GlobalAlloc
GlobalFree
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrcmpW
lstrcpyW
lstrcpynW
lstrlenW
user32
DialogBoxParamW
EndDialog
GetDC
LoadIconW
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetWindowTextW
ShowWindow
wsprintfW
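gdi32
CreateFontIndirectW
DeleteObject
GetDeviceCaps
Note: the import table lists only dialog, window-message, font and string/memory helper functions; no file, network, process or registry APIs are statically imported. A static import list does not cover APIs resolved at run time, so this bounds what the import table shows, not what the code can do.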
Exports
(export names are not shown in this capture)
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 180B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ