ac1d4a51b8c1f7f98a1033e5bc2e1de7[.]zip | Triage

Sharing

General

Target

ac1d4a51b8c1f7f98a1033e5bc2e1de7.zip
Size

568KB
MD5

624b0b98c9a339408650993fb541d08e
SHA1

2975c2e0165184ff00611f3520913b193b2434f8
SHA256

7e6b1c3938e4d0a6968141b0d191e1a10f1f30f513d231048b731ccceec52156
SHA512

4fbcfad9a7f57fccd907ee3df669d0b8a1467927a73af929d83e3abed6fe91dbc2da67e4c4f92a35eaf86c217103e1659342d42f1683e15d92367b663f6db1b4
SSDEEP

12288:FMImL6+Q9jwZJSjHjl3nVzhoa9wnnz/qwzdGnxIAsFbrAYFYQNi4nc0JPq:F7mWnwr0Hhn09q0onxILF4YGg7nlJPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7a297e62cd649ae1763acd89bcf2135eebf6b3a910ca60621d84e004b078beb7

Files

ac1d4a51b8c1f7f98a1033e5bc2e1de7.zip
.zip

Password: infected
7a297e62cd649ae1763acd89bcf2135eebf6b3a910ca60621d84e004b078beb7
.dll regsvr32 windows:6 windows x86 arch:x86

Password: infected

07695c81da8ca3f6eeb7be880986f8b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateThread
WaitForSingleObject
TlsGetValue
CreateFileA
GetProcAddress
LoadLibraryA
GetCurrentThread

Exports

Exports

CwtyzbonsxttMpeeewth
DllRegisterServer
IbhynHolpfdcbwq

Sections

.text
Size: 931KB - Virtual size: 931KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ