Static task: static1
Behavioral task: behavioral1
Sample: 2849aaf4ce699168dff5fd9987f8c2f5468d388c30416ecce3b7b7a3442a9b58.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2849aaf4ce699168dff5fd9987f8c2f5468d388c30416ecce3b7b7a3442a9b58.exe
Resource: win10v2004-20240802-en
General
- Target: 493f06f89617e88d5f0b1f340d4f7ee1.zip
- Size: 3.0MB
- MD5: 63f44878aa8252e22111e0123ff219ae
- SHA1: 32c7e24b4d1e48b769a55bfdf837856b819f76c7
- SHA256: 42bdc805c35941f8e689a3cb83e9419ef2ab0c4e8f03d3f34185d9cfbdcba57f
- SHA512: ff4b3245a59f794b29e6a09373118abbd763e3b6d92f36657997f47ea4ff7cb18503b7890b327eaaf656a780005ae08aee1284340f5a5fc593d9fe2a26ff1033
- SSDEEP: 49152:N7nFgVRclphNZ0CsxvCM4GqLeGCpyt8GKBqh8d5qy8aFhPKA7DxDwRdPIWfK6E8:N7CPQhrlPAyhn8mscA7KdPIYz3
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: unpack001/2849aaf4ce699168dff5fd9987f8c2f5468d388c30416ecce3b7b7a3442a9b58
Files
- 493f06f89617e88d5f0b1f340d4f7ee1.zip.zip (Password: infected)
- 2849aaf4ce699168dff5fd9987f8c2f5468d388c30416ecce3b7b7a3442a9b58.exe (windows:4 windows x86 arch:x86; Password: infected)
  55fe2519db5cc8102e98db551ca473a5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesExA
HeapDestroy
HeapFree
QueryPerformanceCounter
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
Sleep
CreateFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
IsBadReadPtr
lstrcmpiA
FreeLibrary
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
YgilQqVy Size: 27KB - Virtual size: 26KB
PqWZzFAk Size: 114KB - Virtual size: 113KB
tUkorbGQ Size: 52KB - Virtual size: 51KB
dpGSVUrs Size: 115KB - Virtual size: 115KB
spJOgSBy Size: 238KB - Virtual size: 237KB
gVNIVagW Size: 11KB - Virtual size: 11KB
rmwUXAKJ Size: 56KB - Virtual size: 55KB
GlFPOxbd Size: 55KB - Virtual size: 55KB
INYTxihw Size: 15KB - Virtual size: 14KB
SzkjgXdm Size: 308KB - Virtual size: 307KB
vTjOXWwJ Size: 10KB - Virtual size: 9KB
tvxVAWjk Size: 2KB - Virtual size: 1KB
jSAPlGkz Size: 25KB - Virtual size: 24KB
NNCkHdEL Size: 30KB - Virtual size: 30KB
cHzOrfWI Size: 10KB - Virtual size: 10KB
idBtBRNK Size: 67KB - Virtual size: 66KB
OdmxwHhd Size: 512B - Virtual size: 345B
uIiwrjEg Size: 356KB - Virtual size: 356KB
qUImyXGE Size: 24KB - Virtual size: 24KB
nVseHhRw Size: 319KB - Virtual size: 319KB
clbexPOz Size: 34KB - Virtual size: 34KB
NHyPmwKR Size: 165KB - Virtual size: 165KB
lkvOLlNU Size: 20KB - Virtual size: 20KB
kxhyfWRX Size: 1KB - Virtual size: 1KB
NlmhwHni Size: 3KB - Virtual size: 3KB
TCeAIYAp Size: 26KB - Virtual size: 26KB
iOMlXsyS Size: 43KB - Virtual size: 42KB
EDnsPUTQ Size: 26KB - Virtual size: 25KB
VZImpAmh Size: 512B - Virtual size: 105B
yyQbpTum Size: 50KB - Virtual size: 50KB
nUYTDWVs Size: 47KB - Virtual size: 46KB
ofrSRnqD Size: 77KB - Virtual size: 77KB
haYJKPtk Size: 4KB - Virtual size: 3KB
UTkupZYb Size: 21KB - Virtual size: 20KB
LbPgmWFp Size: 37KB - Virtual size: 37KB
orfkQBhS Size: 3KB - Virtual size: 2KB
NPapzgCi Size: 19KB - Virtual size: 19KB
biWvAaWd Size: 159KB - Virtual size: 159KB
agCZBybs Size: 149KB - Virtual size: 149KB
rcGfiaFs Size: 32KB - Virtual size: 31KB
qAcMkXwK Size: 57KB - Virtual size: 56KB
BNVCltRj Size: 116KB - Virtual size: 115KB
AnPuPRJm Size: 53KB - Virtual size: 53KB
PBkvNZpN Size: 13KB - Virtual size: 12KB
fRtnGDzB Size: 84KB - Virtual size: 83KB
mRPYFckz Size: 12KB - Virtual size: 11KB
ZIrhmSen Size: 37KB - Virtual size: 37KB
eZVbVRIm Size: 35KB - Virtual size: 35KB
IYuPhjoi Size: 48KB - Virtual size: 47KB
NLyMDTNN Size: 2KB - Virtual size: 2KB
BfnyiPlG Size: 31KB - Virtual size: 30KB
zUllzdRf Size: 57KB - Virtual size: 57KB
gcobyUws Size: 1024B - Virtual size: 870B
XJdrmgNF Size: 25KB - Virtual size: 24KB
aROEldId Size: 19KB - Virtual size: 18KB
ltvBrwvI Size: 44KB - Virtual size: 44KB
sFRMKqRN Size: 46KB - Virtual size: 46KB
bkWcxeAL Size: 115KB - Virtual size: 114KB
SDdfvQPf Size: 36KB - Virtual size: 35KB
PsWkGxQI Size: 3KB - Virtual size: 2KB
NjPJbfjy Size: 79KB - Virtual size: 78KB
hMHViIyr Size: 1024B - Virtual size: 601B
sefBJzjB Size: 32KB - Virtual size: 31KB
wTyvxYAE Size: 26KB - Virtual size: 25KB
zagbmWla Size: 512B - Virtual size: 94B
WpZFBkfU Size: 33KB - Virtual size: 32KB
xGlzBGBo Size: 1024B - Virtual size: 748B
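The report above flags the sample as an unsigned PE, lists five file characteristics, and shows a section table with 67 eight-letter mixed-case names after .text, .rdata and .data, with .data mapped to 88KB of memory from 28KB on disk. The script below is an added example, not code from the sandbox or from the sample: with only the Python standard library it parses the PE header, decodes the IMAGE_FILE_* and IMAGE_SCN_* flags, tests the Authenticode certificate table (data directory 4) the way the "Unsigned PE" signature does, and raises the two section-table findings a first-pass triage would want. The PE image it runs against is constructed in build_minimal_pe() for demonstration; its section names and sizes echo the report's first four sections but it is not the sample, and the 2x virtual-to-raw ratio used as a threshold is a heuristic chosen here, not a rule from the PE specification.

```python
"""Stdlib-only PE triage: file characteristics, Authenticode presence (data
directory 4) and a section table with raw vs. virtual sizes. Offsets follow
the PE/COFF spec; build_minimal_pe() makes a constructed test image."""
import struct

FILE_CHARACTERISTICS = {            # subset of IMAGE_FILE_* flags
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL",
}
SECTION_FLAGS = {                   # subset of IMAGE_SCN_* flags
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
# Names a stock MSVC/MinGW link step emits; anything else deserves a look.
STANDARD_SECTIONS = {".text", ".rdata", ".data", ".bss", ".idata", ".edata",
                     ".rsrc", ".reloc", ".tls", ".pdata", ".CRT", ".rodata"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Authenticode certificate table


def decode_flags(value, table):
    return [name for bit, name in table.items() if value & bit]


def parse_pe(data):
    """Characteristics, Authenticode presence and section table of a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dir_base = opt + (96 if magic == 0x10B else 112)       # PE32 vs PE32+ layout
    ndirs = struct.unpack_from("<I", data, dir_base - 4)[0]  # NumberOfRvaAndSizes
    has_authenticode = False
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        off, size = struct.unpack_from("<II", data, dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        # For this directory alone the first field is a raw file offset, not an RVA.
        has_authenticode = size > 0 and off + size <= len(data)
    sections = []
    for i in range(nsections):
        s = opt + opt_size + 40 * i
        vsize, _, rawsize, _ = struct.unpack_from("<IIII", data, s + 8)
        sections.append({"name": data[s:s + 8].rstrip(b"\0").decode("latin-1"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(struct.unpack_from("<I", data, s + 36)[0], SECTION_FLAGS)})
    return {"characteristics": decode_flags(chars, FILE_CHARACTERISTICS),
            "has_authenticode": has_authenticode, "sections": sections}


def triage(data):
    """First-pass findings; the 2x virtual/raw ratio is a heuristic, not a spec rule."""
    info = parse_pe(data)
    findings = []
    if not info["has_authenticode"]:
        findings.append("unsigned PE: no Authenticode certificate table")
    odd = [s["name"] for s in info["sections"] if s["name"] not in STANDARD_SECTIONS]
    if odd:
        findings.append("%d non-standard section name(s): %s" % (len(odd), ", ".join(odd)))
    for s in info["sections"]:
        if s["virtual_size"] > 2 * max(s["raw_size"], 1):   # memory the file does not fill
            findings.append("%s: virtual size %d >> raw size %d"
                            % (s["name"], s["virtual_size"], s["raw_size"]))
    return info, findings


def build_minimal_pe(sections, characteristics=0x010F, security_size=0):
    """Constructed PE32 image (not a real sample) from (name, vsize, rawsize, flags) tuples;
    a non-zero security_size appends that many bytes and points directory 4 at them."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)                  # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x014C, len(sections), 0, 0, 0, 224, characteristics)
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)  # 16 data directories
    dirs = [(0, 0)] * 16
    if security_size:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (len(dos) + 4 + 20 + 224 + 40 * len(sections), security_size)
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    shdrs = b"".join(name.encode().ljust(8, b"\0")
                     + struct.pack("<IIIIIIHHI", vs, 0x1000, rs, 0, 0, 0, 0, 0, fl)
                     for name, vs, rs, fl in sections)
    return dos + b"PE\0\0" + coff + opt + shdrs + b"\0" * security_size


# Constructed section table echoing the report's shape: three standard sections
# (with .data mapped larger than it is on disk) plus one random eight-letter name.
SAMPLE_SECTIONS = [(".text", 20 * 1024, 20 * 1024, 0x60000020),
                   (".rdata", 2 * 1024, 2 * 1024, 0x40000040),
                   (".data", 88 * 1024, 28 * 1024, 0xC0000040),
                   ("YgilQqVy", 26 * 1024, 27 * 1024, 0x40000040)]

if __name__ == "__main__":
    info, findings = triage(build_minimal_pe(SAMPLE_SECTIONS))
    print(", ".join(info["characteristics"]))
    print("\n".join(findings))
```

To run the same checks on a file from a sandbox download, pass `open(path, "rb").read()` to `triage()`; the Authenticode check only reports presence of a certificate table, so a non-empty directory still needs the signature itself validated (for example with `Get-AuthenticodeSignature` on Windows) before "signed" means anything.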