eaad1d9607ca40220cb76bf36ddfa947[.]zip

General

Target

eaad1d9607ca40220cb76bf36ddfa947.zip
Size

3.2MB
MD5

1980341a7eb903295551618d51e1c356
SHA1

a6729820097bb95b8768a53663af3cfbf1cb3643
SHA256

ae876d48bedc9eb4903f3d05edca8a858535314534a42834ae982dcd4306bb84
SHA512

db6a3a0cb73c76e1f52e503479fc9167ed77015118134d22663d0bfd3bf5a99aba5987b477b3c06beb1b4327ac01498380b342499f89b10994e50787aaeccb0e
SSDEEP

98304:zZsfffOvA4ppmkM9/wAdRoz3TgEPqIBpv:tsHfOvA9x9/wAGMe3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f45dec8b1e8cb601c8a4d447cd1d7bf28ce71ffc3117b6fc4d3b46d3928647a0

Files

eaad1d9607ca40220cb76bf36ddfa947.zip
.zip

Password: infected
f45dec8b1e8cb601c8a4d447cd1d7bf28ce71ffc3117b6fc4d3b46d3928647a0
.exe windows:4 windows x86 arch:x86

Password: infected

3292b0a1cb5b0a908a013d677dfe2c24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleW
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
GetTickCount
FreeLibrary
LocalFree
LeaveCriticalSection
WriteFile
WaitForSingleObject
GetProcessHeap
ExitProcess
GetStdHandle
GetStartupInfoW
FindClose
ReadFile
RaiseException
TlsGetValue
GetModuleHandleA
GetConsoleMode
TlsSetValue
HeapSize
LoadLibraryW
LoadLibraryExW
CreateThread
SetFilePointer
CompareStringW
GetStringTypeW
RtlUnwind
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetOEMCP
FreeEnvironmentStringsW
IsProcessorFeaturePresent
FindNextFileW
IsValidCodePage
FindFirstFileW
DeleteFileW
GetConsoleCP
LocalAlloc
SetEndOfFile
ResetEvent
GetVersionExW
ReleaseMutex
GetFileSize
EncodePointer
VirtualFree
lstrlenW
LoadLibraryA
LoadResource
GetExitCodeProcess
ExpandEnvironmentStringsW

user32

LoadStringW
DispatchMessageW
ShowWindow
DestroyWindow
ReleaseDC
MessageBoxW
PostQuitMessage
CreateWindowExW
SetWindowLongW
GetMessageW
GetDlgItem
GetSystemMetrics
SetWindowPos
IsWindow
LoadCursorW
SetTimer
LoadIconW
SetFocus
GetSysColor
EndPaint
ScreenToClient
SetCursor
RegisterClassW
SystemParametersInfoW
MessageBoxA
CharUpperW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

3292b0a1cb5b0a908a013d677dfe2c24

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 2KB