fbefd9b56dcf5ec9725cf72f0ef5a1d0[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

fbefd9b56dcf5ec9725cf72f0ef5a1d0.zip
Size

105KB
MD5

3897ef98da60e8f7fcd10f021c29ece5
SHA1

58ceeee8171ffd608638d6ce9af673370c274f11
SHA256

88c20324274939c8b3b116f9a764e3012f617788157f77fa05d3fb1923e23340
SHA512

62e0b5bef7621d0f874d76e06749b106645c6312acdfc19a19a75aa9d4de71bd503d8d773478878b9b82b5ddfbbbae6040c665734926f3494aeb3439a593c0ce
SSDEEP

3072:ceIHW2SE4gnV6W33aTg6gGqnk/Ig9iZQcI1HlFc:aHjSE4gssKs69RAZ01Hw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5d78d93b0632660b7e400593bbd6e02d9497fafda487a45b1598ccbc8aa2d2bf

Files

fbefd9b56dcf5ec9725cf72f0ef5a1d0.zip
.zip

Password: infected
5d78d93b0632660b7e400593bbd6e02d9497fafda487a45b1598ccbc8aa2d2bf
.exe windows:4 windows x86 arch:x86

Password: infected

1d889a04f0060c1ecc1d4a520848914a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetFileAttributesA
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_iob
_lock
_onexit
_unlock
calloc
exit
fclose
fopen
fprintf
fputs
free
fwrite
malloc
memcpy
rand
remove
signal
strlen
strncmp
abort
vfprintf

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
recv
socket

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1008B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1d889a04f0060c1ecc1d4a520848914a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ws2_32

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 44B

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 1008B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

/4 Size: 1024B - Virtual size: 904B

/19 Size: 309KB - Virtual size: 308KB

/31 Size: 11KB - Virtual size: 10KB

/45 Size: 11KB - Virtual size: 11KB

/57 Size: 2KB - Virtual size: 2KB

/70 Size: 2KB - Virtual size: 2KB

/81 Size: 6KB - Virtual size: 6KB

/92 Size: 1024B - Virtual size: 592B

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 44B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 1008B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

/4
Size: 1024B - Virtual size: 904B

/19
Size: 309KB - Virtual size: 308KB

/31
Size: 11KB - Virtual size: 10KB

/45
Size: 11KB - Virtual size: 11KB

/57
Size: 2KB - Virtual size: 2KB

/70
Size: 2KB - Virtual size: 2KB

/81
Size: 6KB - Virtual size: 6KB

/92
Size: 1024B - Virtual size: 592B