BP_SH_FL_0_2024-08-21_19_07_59[.]246[.]zip

General

Target

BP_SH_FL_0_2024-08-21_19_07_59.246.zip
Size

37KB
MD5

1871ca34e6d547af8aaad8526729fa5e
SHA1

14069ee855f46fb561b31e0e73cbf36b513d81dd
SHA256

4fcf27d5173913c24ad4f560c9d5e2e2f9bda7d201bc5f75e11605901733e090
SHA512

df5d9b61f1369d93257a53765df54e39cf349d6adea74ed43a184ebf2cf8b9c65bb866ddcc309f93632bec9d1863fd4ed613e1b65f572b3196558daa3c062566
SSDEEP

768:NNIL6FFUV39W4Ap6jaV9AO4SYbPz7td6NXve0rFBPlyBHsOXdUAZg:NE6Y0JpOaV9Abr7tMNm0rjPlgBg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/$RECYCLE.BIN/S-1-5-21-1620871244-3604867229-2077364804-4635/$RR5CUCS.exe

Files

BP_SH_FL_0_2024-08-21_19_07_59.246.zip
.zip

Password: DG93rry24!
Device/HarddiskVolume4/$RECYCLE.BIN/S-1-5-21-1620871244-3604867229-2077364804-4635/$RR5CUCS.exe
.exe windows:4 windows x86 arch:x86

Password: DG93rry24!

dbe920731c41982a49f842ad1020d762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleFileNameA
GetStdHandle
SetConsoleMode
GetConsoleMode
Sleep
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleTextAttribute
GetTickCount
GetVolumeInformationA
ReadConsoleInputA
WriteConsoleA
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
CompareStringW
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
SetHandleCount
GetFileType
GetStartupInfoA
GetLastError
ReadFile
SetFilePointer
HeapFree
CloseHandle
GetFileAttributesA
GetProcAddress
GetModuleHandleA
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
SetStdHandle
FlushFileBuffers
VirtualAlloc
HeapReAlloc
CreateFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
CompareStringA

user32

FindWindowA
GetDesktopWindow
GetWindowRect
SetWindowPos

winmm

timeGetTime

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: DG93rry24!

Password: DG93rry24!

dbe920731c41982a49f842ad1020d762

Headers

File Characteristics

Imports

kernel32

user32

winmm

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 11.0MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 11.0MB

.rsrc
Size: 8KB - Virtual size: 5KB