5ca3f16021f308c9698481798878b4fa[.]zip

General

Target

5ca3f16021f308c9698481798878b4fa.zip
Size

14KB
MD5

c535a01dfc6acc809e7d6b695d77f270
SHA1

a7749b1a5d4a5a6a7c5af8a00db5a8475fb540a0
SHA256

e3089705b373298bd3341e47b64afd4fb280ebd6bd93946e0a5dcfd895093fb2
SHA512

7326b3c2561d28e42defc3cd66e28e76158d58f5980f903ffbdf857a37f66eb93700bd61112b8e385ffb6cffb4170089e65a9afe8286aeb5cd75115d78e6c6d6
SSDEEP

384:iTx6gOq8DT8gnkki6uoHl5RrOhyF3jo+E:uxivT82fir4pG4joV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0

Files

5ca3f16021f308c9698481798878b4fa.zip
.zip

Password: infected
7327d8a6011b4fe417c8232e3481688a27accd88cec9a4f217de9bcdbba8c0d0
.exe windows:4 windows x86 arch:x86

Password: infected

222e7b320f36011feb1642000d8fa826

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

uiopferta.pdb

Imports

cryptdll

CDBuildVect
MD5Update
CDLocateRng
MD5Init

shell32

DragAcceptFiles
SHCreateShellItem
ShellAboutA
SHGetFileInfoA
StrChrA
SHFileOperationA
DragQueryFileA
FreeIconList
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
FindExecutableA
SHGetDesktopFolder
ShellMessageBoxW
SHGetFolderPathA
SHGetMalloc
DragFinish

dbnmpntw

ConnectionClose
ConnectionWrite
ConnectionError

kernel32

FileTimeToSystemTime
SearchPathA
OpenMutexA
GetPrivateProfileIntW
GetModuleHandleW
GetLocalTime
ReadConsoleW
FindFirstFileA
GetEnvironmentVariableA
DeviceIoControl
SetEnvironmentVariableW
CompareStringW
GetStringTypeW
IsValidCodePage
lstrcmpiA
lstrcmpA
TlsGetValue
GetProcAddress
GetTickCount
WriteConsoleA
lstrcpynW
GetLastError
CreateDirectoryA
GetCurrentDirectoryW
SetErrorMode
SleepEx
InterlockedDecrement
GetFullPathNameW
GetPrivateProfileIntW
IsBadStringPtrA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

222e7b320f36011feb1642000d8fa826

Headers

File Characteristics

PDB Paths

Imports

cryptdll

shell32

dbnmpntw

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 11KB - Virtual size: 11KB