314adb9dc1debb41eb178f07e340046b107367e811cf4e5e8d30d63fa7a9f9e9[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

314adb9dc1debb41eb178f07e340046b107367e811cf4e5e8d30d63fa7a9f9e9.zip
Size

20.7MB
MD5

3a81e0deeb9bbf521788d3449d0a976e
SHA1

83da21da7d5883297717e9a406fe0a78a5bc177d
SHA256

358b27acf379ecd5ec8b9b2211bb1183521ac34a9d7bcd1fdec68c59e3dddf51
SHA512

ffa716f08d0c9d832f0379eee032a7d66fe610f36250c729501963e819932960d76a7e75ad6af1fbf13df7cd69c8deab272a7cfb737752f3dc52d4b147b42d6d
SSDEEP

393216:j6klZbFsLC1EfBBYQrmPnqw5FovmNnhLdk/FGTZFpyb/De34CdnAeCQeO:2klZxsLC1EfLYDPnNo+xh5k/cTTj3Xgk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/314adb9dc1debb41eb178f07e340046b107367e811cf4e5e8d30d63fa7a9f9e9

Files

314adb9dc1debb41eb178f07e340046b107367e811cf4e5e8d30d63fa7a9f9e9.zip
.zip

Password: infected
314adb9dc1debb41eb178f07e340046b107367e811cf4e5e8d30d63fa7a9f9e9
.exe windows:6 windows x64 arch:x64

Password: infected

b31b681a3da7985991730f0bc261bb60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SwitchToThread
SuspendThread
SetWaitableTimer
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
RtlVirtualUnwind
RtlLookupFunctionEntry
ResumeThread
RaiseFailFastException
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
FatalExit
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler
AddVectoredContinueHandler
WriteFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
FatalExit
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetDesktopWindow
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplaySettingsW

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 820KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.}.+
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.symtab
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.=Bp
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~K\
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

._BK
Size: 13.6MB - Virtual size: 13.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b31b681a3da7985991730f0bc261bb60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 820KB - Virtual size: 820KB

.pdata Size: 64KB - Virtual size: 64KB

.xdata Size: 4KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.}.+ Size: 52KB - Virtual size: 52KB

.symtab Size: 4KB - Virtual size: 4KB

.=Bp Size: 6.9MB - Virtual size: 6.9MB

.~K\ Size: 4KB - Virtual size: 4KB

._BK Size: 13.6MB - Virtual size: 13.6MB

.reloc Size: 4KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 820KB - Virtual size: 820KB

.pdata
Size: 64KB - Virtual size: 64KB

.xdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.}.+
Size: 52KB - Virtual size: 52KB

.symtab
Size: 4KB - Virtual size: 4KB

.=Bp
Size: 6.9MB - Virtual size: 6.9MB

.~K\
Size: 4KB - Virtual size: 4KB

._BK
Size: 13.6MB - Virtual size: 13.6MB

.reloc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB