5dbb891dfacd8cc678693e8e14356a17[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

5dbb891dfacd8cc678693e8e14356a17.zip
Size

1.3MB
MD5

96903f7353d51cbb381d735b43a39801
SHA1

9856d9e040761035902105f51788486ceb50a281
SHA256

dc505b3c94e20610ed5b97db679af5c34031ec1684dc7931d1c8cc3f10ca4dbd
SHA512

7e7fd95241dd2b8f0e50e35db3f765cbcb06cf1017fa25647fd8a79454209496ca456115922b5d88f33cc02d9726221a554b9582d3aa53ceb6c8df84814579db
SSDEEP

24576:VvOBW1veVjNl7rgt/wbNHV/WU/w3Yjd1LlvVtYMtGOoz:JGZl/gt4RV/WUY3+HLlIMtuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ba4d03c54482ef46d22e2438e4ae9ba263373e031a99cf20909c3effca01d0b5

Files

5dbb891dfacd8cc678693e8e14356a17.zip
.zip

Password: infected
ba4d03c54482ef46d22e2438e4ae9ba263373e031a99cf20909c3effca01d0b5
.exe windows:4 windows x86 arch:x86

Password: infected

342ea68255b471423c6e26ea1700b91b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExA
GetVersion
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MessageBoxA

advapi32

RegFlushKey

oleaut32

SafeArrayCreate

Sections

CODE
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

342ea68255b471423c6e26ea1700b91b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

CODE Size: - Virtual size: 84KB

DATA Size: - Virtual size: 1KB

BSS Size: - Virtual size: 2KB

.idata Size: - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 179KB

.vmp1 Size: 290KB - Virtual size: 290KB

.rsrc Size: 1KB - Virtual size: 5KB

CODE
Size: - Virtual size: 84KB

DATA
Size: - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 179KB

.vmp1
Size: 290KB - Virtual size: 290KB

.rsrc
Size: 1KB - Virtual size: 5KB