b7620b6adf5f0bd58d84f7cde0e3dcfb[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

b7620b6adf5f0bd58d84f7cde0e3dcfb.zip
Size

39KB
MD5

f9d5cb506b65ccaea26ab1c18b0ebd4c
SHA1

dc6eb0db11558d0371d8fc85477a80299d697d5d
SHA256

624aaa66bdb190720a3017a21b3ff9b21bd9849f1b1df5b2f1305cd24359c78a
SHA512

54a0cf25084d2c1fe2c94507e83ec9bafda0a26bdd52e55713d18d054450bdd192ee48481272cb69f2f593aef6f6652d096985045fbf63b4f9c38457bb684b7a
SSDEEP

768:U5JaDU8m0sG8ShILQWC36Ya7LBdjYmoIOtqL4lxECOmIuryoLdjCROU:US48m0szSiLjxrjYbxtREFrX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8a3c975f041bcec99b0495f9e67366b68baac6d0c5deb11dd11a77270892befe

Files

b7620b6adf5f0bd58d84f7cde0e3dcfb.zip
.zip

Password: infected
8a3c975f041bcec99b0495f9e67366b68baac6d0c5deb11dd11a77270892befe
.exe windows:4 windows x86 arch:x86

Password: infected

d0f156be95b89ada5813326f915d62a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
FreeConsole
GetCurrencyFormatW
IsProcessorFeaturePresent
CreateEventA
OpenFileMappingW
LocalHandle
HeapSize
MulDiv
WriteFile
GetTempFileNameW
SetLocaleInfoW
DosDateTimeToFileTime
EnumLanguageGroupLocalesW
CreatePipe
GetPrivateProfileSectionNamesA
SetConsoleTitleA
CancelDeviceWakeupRequest
GetVolumePathNameA
GetProfileIntA
GetDateFormatA
DebugBreak
SuspendThread
SetCommMask
EnumUILanguagesW
MoveFileWithProgressA
BackupRead
GetNumberOfConsoleInputEvents
GetLongPathNameA
FreeLibrary
GetFileAttributesW
EnumDateFormatsA
QueryDosDeviceA
UpdateResourceW
WritePrivateProfileStructA
lstrcpynA
GetExitCodeProcess
GlobalAddAtomW
GetShortPathNameW
UnlockFileEx
SetComputerNameExA
CancelDeviceWakeupRequest

gdi32

GetDeviceCaps

ole32

OleCreateFromData
HWND_UserMarshal
CreateAntiMoniker
CoInitialize
CoSetProxyBlanket
CoDisconnectObject
ReleaseStgMedium
HGLOBAL_UserSize
PropStgNameToFmtId

msvcrt

iswprint
_wgetenv
srand
strtok
iswupper
tolower
fputs
_swab
wcsncpy
_fputchar
iswctype
_strupr
bsearch
_strnicmp
memcmp
_wspawnl
_abnormal_termination
_rotl
_flsbuf
isdigit
memmove
_isctype
isalpha
isgraph
_wspawnvpe
_wexecve
_wcslwr
_wcsrev
fputwc
_fcvt
_ultoa
tmpnam
_wcreat

winmm

timeSetEvent
waveOutOpen
midiConnect
midiOutSetVolume
mmioOpenA
mmioWrite
DrvGetModuleHandle
mciGetDeviceIDFromElementIDW
waveOutGetErrorTextW
joyGetPosEx
mixerSetControlDetails
joySetThreshold
mmioRead
waveOutGetDevCapsA
DefDriverProc
mmioDescend
mixerGetLineInfoA
mciSendStringA
midiOutClose
midiInGetDevCapsW
midiStreamOut
mmioSetBuffer
midiInClose
waveOutReset
midiOutPrepareHeader
waveInGetPosition
GetDriverModuleHandle
mmioGetInfo
midiInMessage
mciGetCreatorTask
auxGetVolume
joyGetDevCapsW
waveInGetErrorTextA
mixerGetLineControlsW

mscms

GetColorProfileElement
UninstallColorProfileA
AssociateColorProfileWithDeviceA
EnumColorProfilesW
GetStandardColorSpaceProfileW
DisassociateColorProfileFromDeviceW
GetStandardColorSpaceProfileA
SetStandardColorSpaceProfileW
DeleteColorTransform
GetPS2ColorRenderingIntent
SetColorProfileHeader
TranslateBitmapBits
CreateColorTransformA
ConvertIndexToColorName
CreateProfileFromLogColorSpaceW
RegisterCMMW
GetColorProfileElementTag
GetColorProfileFromHandle
UninstallColorProfileW
CreateMultiProfileTransform
GetCountColorProfileElements
InstallColorProfileA
CreateColorTransformW
CheckColors
SetColorProfileElementReference

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

d0f156be95b89ada5813326f915d62a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

ole32

msvcrt

winmm

mscms

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.u Size: 16KB - Virtual size: 15KB

.rsrc Size: 32KB - Virtual size: 36KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.u
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 32KB - Virtual size: 36KB