Static task: static1
Behavioral task: behavioral1
Sample: 5503fb7c1a27f02e98460e89bb706bfb9f270f9eaa2f9be271863018aca6a9f8.exe
Resource: win10v2004-20240802-en
Behavioral task: behavioral2
Sample: 5503fb7c1a27f02e98460e89bb706bfb9f270f9eaa2f9be271863018aca6a9f8.exe
Resource: win11-20240802-en
General
Target: 9ae77e8dde38f87cb8d987ff083c2958.zip
Size: 3.2MB
MD5: 6b23568bfd581e1ae81931e38f86d26e
SHA1: 8d8314ffa14fcadac9da876a95bf46e2c752f69c
SHA256: de4651fa53ee4dc7cbcd37a66a98d688eb1cc00ce38072c1dee18bdc46dfa258
SHA512: dc209d59721a0bfe63f89c3103d38ba35f06e29b5fd85b61fce4adf84bda2ce3ba71b823372f0eb7429483c8707e2ff9cceae18216c5fc9718c3cf33b39c6798
SSDEEP: 98304:WrCILukdq1VOYBGKRlHPG4WvuPZQS1hM+:W+YukUDNBGKCuCgM+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/5503fb7c1a27f02e98460e89bb706bfb9f270f9eaa2f9be271863018aca6a9f8.mal_
Files
9ae77e8dde38f87cb8d987ff083c2958.zip.zip
Password: infected
5503fb7c1a27f02e98460e89bb706bfb9f270f9eaa2f9be271863018aca6a9f8.mal_.exe windows:6 windows x86 arch:x86
befdf4a5b5eb6a85e3101e4eb4d7711e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
IsValidLocale
TlsFree
TlsGetValue
TlsAlloc
TlsSetValue
IsBadReadPtr
GetStdHandle
ReadConsoleW
WriteConsoleW
GetConsoleMode
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
MultiByteToWideChar
CompareStringEx
EncodePointer
DecodePointer
CloseHandle
ExitProcess
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
GetLastError
SetLastError
ole32
CoGetObjectContext
CoGetApartmentType
user32
ShowWindow
DestroyWindow
MoveWindow
DispatchMessageA
PeekMessageA
TranslateMessage
RegisterClassExW
CreateWindowExW
IsWindowVisible
IsDialogMessageW
IsIconic
IsZoomed
BeginPaint
EndPaint
ReleaseDC
GetDC
LoadIconW
LoadCursorW
MessageBoxW
MessageBoxA
SendMessageA
InvalidateRect
UpdateWindow
GetWindowTextW
GetWindowTextLengthW
gdi32
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC
SetPixel
SetBkMode
CreatePen
CreateSolidBrush
SetTextColor
TextOutW
LineTo
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 645KB - Virtual size: 645KB
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1024B
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
.rsrc Size: 277KB - Virtual size: 276KB
IMAGE_SCN_MEM_READ