c4c9428ea6a30325f8ac6a3fecc199a1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

c4c9428ea6a30325f8ac6a3fecc199a1.zip
Size

180KB
MD5

4127829c259610b80c10aabd0ceb04d4
SHA1

a431686ca42aa314cdceafb059e3989d1a316617
SHA256

65355c0a686d8ba5f7551152571545331d64fe207a4f6c44ae67b240f3cbb19c
SHA512

c7d8ec1f13d1d62c892ae2db5b7b8befc0e30f1bb73ce7bf22f1a7b5d376e7937f2a28838cddc69b759c1edab62266b498e187090050042f1b97ff94255407df
SSDEEP

3072:pRrjzAtl2NZQxPoyaCDpqjyrUKE7hwQBUec4HzDGi9UleibJFAR1rg9zgAQYPXKl:b+V75pqnK+hwJlC8eibDU1rU/PayBoqA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4fb9ec0883d7b509a16d73e2181f5236d13042706cb8bbe82091f8a9db4575d1

Files

c4c9428ea6a30325f8ac6a3fecc199a1.zip
.zip

Password: infected
4fb9ec0883d7b509a16d73e2181f5236d13042706cb8bbe82091f8a9db4575d1
.exe windows:5 windows x86 arch:x86

b12236dc2017ad7d1928e8cd9feb8c2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\yek\rizetawasusa96_dekagadas_gis.pdb

Imports

kernel32

GetCommandLineW
GetThreadContext
lstrlenA
InterlockedIncrement
GetQueuedCompletionStatus
GetCommState
GetSystemWindowsDirectoryW
GetProfileStringW
SetConsoleScreenBufferSize
CallNamedPipeW
FreeEnvironmentStringsA
SetTapeParameters
CreateNamedPipeW
GetCompressedFileSizeW
CreateActCtxW
FindResourceExA
GetPrivateProfileIntA
GetSystemDirectoryW
SetFileShortNameW
LoadLibraryW
SizeofResource
GetSystemWow64DirectoryW
HeapDestroy
CreateSemaphoreA
GetBinaryTypeA
QueryInformationJobObject
GetStartupInfoW
LCMapStringA
GetPrivateProfileIntW
GetLastError
SetLastError
GetProcAddress
SetStdHandle
SearchPathA
LocalAlloc
GetNumberFormatW
FindAtomA
GetModuleFileNameA
FindNextFileA
CreateIoCompletionPort
FindFirstChangeNotificationA
HeapSetInformation
GetCurrentDirectoryA
OutputDebugStringA
GetCPInfoExA
FindAtomW
DeleteFileW
GetSystemTime
CopyFileExA
InterlockedDecrement
DecodePointer
GetModuleHandleW
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
WriteFile
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapValidate
IsBadReadPtr
HeapCreate
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
WriteConsoleW
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
LCMapStringW
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
IsProcessorFeaturePresent
FlushFileBuffers
ReadFile
RaiseException
CreateFileW
CloseHandle

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12.3MB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b12236dc2017ad7d1928e8cd9feb8c2e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 67KB - Virtual size: 4.2MB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 12.3MB - Virtual size: 22KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 67KB - Virtual size: 4.2MB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 12.3MB - Virtual size: 22KB