Static task
static1
Behavioral task
behavioral1
Sample
f2349966337aa59f947df6de8ad6e73885b0e578713139d4f9c8c5f17343b857.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
f2349966337aa59f947df6de8ad6e73885b0e578713139d4f9c8c5f17343b857.dll
Resource
win10v2004-20240802-en
General
Target
d3ce671766cf57e36daa95bc537edb36.zip
Size
77KB
MD5
5ec7dca1384ed2a3b2a70f0852ad8694
SHA1
a624450b045e3736dbc3ce12574493e542f722b9
SHA256
96299286912d94c9e2b77b0756c24c6ff4acbc898fde3492e648fd268686136e
SHA512
4cfe496f880a31d643ddf8d423a98b2a151682b953fabd7816e2e25ccef9d071e3e4a98436ca6afaaf17a3020c53f1f2ff3617d126549aa48bc2460dbc7515b7
SSDEEP
1536:PjmwpwTsXj00pLyFn57N4qv87boHFKm75K0e8TRhEKvHhnvEQpJex:PE0pLyF5htv8olKm75XTRhVhvtpJm
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/f2349966337aa59f947df6de8ad6e73885b0e578713139d4f9c8c5f17343b857
Files
d3ce671766cf57e36daa95bc537edb36.zip.zip
Password: infected
f2349966337aa59f947df6de8ad6e73885b0e578713139d4f9c8c5f17343b857.dll windows:4 windows x86 arch:x86
Password: infected
752946d431a91fa52d062ef0fab55c5f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetThreadPriority
GetCurrentProcessId
IsBadReadPtr
FlushInstructionCache
GetCurrentProcess
VirtualProtect
CloseHandle
FreeLibrary
DeleteFileA
GetProcessVersion
ResetEvent
WaitForSingleObject
SetThreadPriority
LeaveCriticalSection
EnterCriticalSection
GetProcessShutdownParameters
GetModuleFileNameA
GetCurrentThreadId
GetFileType
GetCurrentThread
DeleteCriticalSection
SetLastError
InitializeCriticalSection
GetLastError
GetExitCodeProcess
OpenProcess
ReleaseMutex
SizeofResource
GetComputerNameA
GetFileSize
FindFirstFileA
SetEvent
GetThreadPriorityBoost
WaitForMultipleObjects
CreateEventA
HeapFree
GetProcessHeap
GetModuleHandleA
HeapAlloc
FindClose
FindNextFileA
MultiByteToWideChar
lstrlenA
GetFileTime
CreateFileA
HeapReAlloc
HeapValidate
IsBadWritePtr
lstrlenW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapSize
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
CreateThread
GetTempFileNameA
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
Sleep
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
MoveFileA
GetCommandLineA
GetVersion
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
ReadFile
WriteFile
WideCharToMultiByte
SetStdHandle
user32
DestroyWindow
SendMessageA
GetCursor
CopyIcon
FindWindowA
GetWindowDC
GetForegroundWindow
GetWindowThreadProcessId
GetKeyboardLayout
MapVirtualKeyExA
TranslateMessage
DispatchMessageA
GetWindowRect
SetForegroundWindow
SetParent
SetWindowLongA
SetThreadDesktop
IsRectEmpty
SetActiveWindow
SetRect
GetIconInfo
SetRectEmpty
ScreenToClient
GetMessageA
GetDC
gdi32
SetRectRgn
advapi32
RevertToSelf
oleaut32
SysAllocStringLen
SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.SYNC Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ