5194c3aea45fe6afc3fadd00a74aa134[.]zip

General

Target

5194c3aea45fe6afc3fadd00a74aa134.zip
Size

3.2MB
MD5

91915315cf2607478b0268dcd49338a9
SHA1

404bd0df93fa0dc0fb9d7baed63a12fb5985857e
SHA256

26117eb8fd58051e94204ae150358d7a8fa0a8bd332ba4a6ca3c7f9a39488703
SHA512

b821e01c932a71131c9e23ba61acd005468c25ae52db66618a591dc36012d6a7169ab0c3f713cc262d2dc2eb8f74841088a71ee267228177bc3c6bcacdbd03b7
SSDEEP

98304:2iRU+q2i4kTHxr8qiXfYMrVCYimzvWYw3P1Tp:2iGhLTHqh5OF3H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/35e0d0f566eab2d1935ef0bb721a79415729715ecb37e24ce8a7374c0ab8d42c

Files

5194c3aea45fe6afc3fadd00a74aa134.zip
.zip

Password: infected
35e0d0f566eab2d1935ef0bb721a79415729715ecb37e24ce8a7374c0ab8d42c
.exe windows:4 windows x86 arch:x86

Password: infected

9036dcc711cc26cf52db0f048e82860b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetModuleHandleW
TerminateProcess
Sleep
FreeLibrary
WideCharToMultiByte
HeapFree
LocalFree
LeaveCriticalSection
EnterCriticalSection
CreateFileW
ExitProcess
GetModuleFileNameW
IsDebuggerPresent
GetCommandLineW
GetACP
FormatMessageW
GetModuleHandleA
InitializeCriticalSection
HeapReAlloc
GetConsoleMode
TlsSetValue
CreateEventW
HeapSetInformation
WriteConsoleW
LoadLibraryW
CreateThread
GetCPInfo
SetFilePointer
GetStringTypeW
RtlUnwind
LCMapStringW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
IsProcessorFeaturePresent
FindNextFileW
FindFirstFileW
DeleteFileW
LocalAlloc
GetCommandLineA
SetEndOfFile
ResetEvent
ReleaseMutex
CreateFileA
GetFileSize
EncodePointer
lstrlenW
GetLocaleInfoW
UnmapViewOfFile
CreateProcessW

user32

LoadStringW
ReleaseDC
DefWindowProcW
MessageBoxW
PostQuitMessage
CreateWindowExW
GetWindowLongW
GetMessageW
GetWindowRect
SendMessageW
IsWindow
LoadCursorW
EndDialog
SetForegroundWindow
GetSysColor
PeekMessageW
BeginPaint
ScreenToClient
SetCursor
KillTimer
RegisterClassW
SystemParametersInfoW
GetKeyState
CharUpperW

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

9036dcc711cc26cf52db0f048e82860b

Headers

File Characteristics

Imports

kernel32

user32

Sections

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB