6fcedeaa013cae3008d6133102b1144c[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fcedeaa013cae3008d6133102b1144c.zip
Size

17KB
MD5

8e50086c9f2790fd9f61266a372f6d70
SHA1

8728608b465e51700c153f2a75d0b9840b35a578
SHA256

9518b081f95bb29c593c5333ef0761fd2edb666654560984046f0640c7099535
SHA512

8ce8bba1553dc5d7cc7d4ba5d4612c6521ca1d4cf7ef75eb5df6777299aab9e0a05c0a9183bafdca05ce2f7395a8c88bb156dea4ee47e6544bbb8443e40d2748
SSDEEP

384:vLJ9DpDoRhPxe/uECxapekY6egPL7/mtYKHaZP5jBd1l4ZJ:vLJ9Dp8RVKY6xPwYbP5Vd1luJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1ed6054025bb1e38a0695d4aef88a8799144160ab3a09b115cba1cc70fcf6255

Files

6fcedeaa013cae3008d6133102b1144c.zip
.zip

Password: infected
1ed6054025bb1e38a0695d4aef88a8799144160ab3a09b115cba1cc70fcf6255
.dll windows:6 windows x86 arch:x86

Password: infected

43e635b6578468976eb5db2af33b25c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

ord206
AddPrinterDriverA
FreePrinterNotifyInfo
GetPrinterDriverDirectoryW

wsnmp32

ord203
ord401
ord603
ord903

winmm

DefDriverProc
joySetThreshold
mmioDescend
sndPlaySoundW
waveInGetDevCapsW

setupapi

SetupCopyErrorW
SetupDiClassGuidsFromNameW
SetupDiGetINFClassA
SetupDiInstallDeviceInterfaces
SetupDuplicateDiskSpaceListW
SetupGetSourceFileLocationW

ws2_32

WSAHtonl
WSCUnInstallNameSpace
inet_addr

mswsock

GetNameByTypeW
GetTypeByNameA
TransmitFile
WSARecvEx
s_perror

kernel32

GetProcessHeap
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
LocalAlloc
LocalFree
VirtualProtect

user32

LoadStringW
MessageBoxW

msvcrt

_adjust_fdiv
_initterm
free
malloc
memcpy
memset

Exports

Exports

gdpyrdt

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ