$R5KZBOJ[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

$R5KZBOJ.zip
Size

3.1MB
MD5

466c879c5f46e4c1cdd68c47e80ac6de
SHA1

0078f48ea1c0cb09c7bb03f49ee89e5460b1bdd1
SHA256

0e8822f6d7ac3ea9b7a3217b143ae8827022ab65d7185c1e91f65f3ec997ce3c
SHA512

e1d931406a6cd5acffddd91a4d94624c408f29f28f786f2213ed11328720a3db70d0f3855848b4f999020819fe11f5ef3abbf55eda4ef451e06ab74e13cf0512
SSDEEP

49152:AlgmBchHFqkEwrA7vUTtrz40uIQJdY0my5977wFy+dZe/HKj4CP+vEkqq4xmcsOQ:AlPa1GvUNzHvQJ4yv77wFxyCGvHzHcSF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1.jpg

Files

$R5KZBOJ.zip
.zip
1.jpg
.exe windows:4 windows x86 arch:x86

28bc134ea5d519f49501ac974b6a747e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopy
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantClear

user32

CharUpperW

advapi32

OpenProcessToken
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_beginthreadex
realloc
_ftol
memset
strlen
wcscmp
wcsstr
strcmp
memmove
fputs
fputc
fflush
fgetc
_iob
free
malloc
memcmp
_purecall
memcpy
_CxxThrowException
__CxxFrameHandler
_isatty
_fileno

kernel32

SetThreadAffinityMask
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
WaitForSingleObject
RemoveDirectoryW
InterlockedIncrement
GetVersion
VirtualFree
VirtualAlloc
SetConsoleMode
GetConsoleMode
GetVersionExW
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessTimes
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
GetSystemTimeAsFileTime
FileTimeToDosDateTime
IsProcessorFeaturePresent
GlobalMemoryStatus
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetModuleHandleW
GetCurrentProcess
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
SetEndOfFile
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
WriteFile
MoveFileW
CreateHardLinkW
CreateDirectoryW
DeleteFileW
SetLastError
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
GetStdHandle
FindClose
FindFirstFileW
FindNextFileW
GetProcAddress
GetModuleHandleA
GetFileAttributesW
GetLogicalDriveStringsW
GetFileSize
SetFilePointer
DeviceIoControl
ReadFile
ResumeThread

Sections

.text
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Readme.jpg
.jpg
image.7z
.7z
unpack.bat

Sharing

General

Malware Config

Signatures

Files

28bc134ea5d519f49501ac974b6a747e

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 481KB - Virtual size: 481KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 1KB - Virtual size: 46KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 481KB - Virtual size: 481KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 1KB - Virtual size: 46KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 22KB - Virtual size: 22KB