cda9ea3755ce66240441cd5695ae1b9a[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

cda9ea3755ce66240441cd5695ae1b9a.zip
Size

555KB
MD5

45eab44e90a3da05abd99726354f60c1
SHA1

77b25aceb2409ed5d5f873146f7f961e51508d1f
SHA256

9d5e2966097a106e5d7beee0ecba4fa033321ccc79225eaeb029aba55d44e135
SHA512

9506ff7b0e3a4f9ec1e94e0cd834db37754215ff0d96fe55f74b96dd1501ea54310ee187d64c6a20820ffdb1a141fbce9e71a45846660a71cc3a88d74e6c262e
SSDEEP

12288:d8gdMsv2QbebFMmLjXSTvTSdnWM+V+f48WLPQeGeXDy5zzrIy+Z2:dTCUTSdWM+ow8WdTmzz0y+Z2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/904fee8bea484ee2e0e10a2fecebad6a614f4ecd6ee99b778df3fb3cb53bddbb

Files

cda9ea3755ce66240441cd5695ae1b9a.zip
.zip

Password: infected
904fee8bea484ee2e0e10a2fecebad6a614f4ecd6ee99b778df3fb3cb53bddbb
.exe windows:4 windows x86 arch:x86

Password: infected

5e3037e8027c03026eb0d96b2c08d22d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExA
GetVersion
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetSystemMetrics

advapi32

RegOpenKeyExA

oleaut32

SafeArrayGetLBound

Sections

CODE
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

5e3037e8027c03026eb0d96b2c08d22d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Sections

CODE Size: - Virtual size: 84KB

DATA Size: - Virtual size: 1KB

BSS Size: - Virtual size: 2KB

.idata Size: - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 176KB

.vmp1 Size: 294KB - Virtual size: 293KB

.rsrc Size: 1KB - Virtual size: 5KB

CODE
Size: - Virtual size: 84KB

DATA
Size: - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 176KB

.vmp1
Size: 294KB - Virtual size: 293KB

.rsrc
Size: 1KB - Virtual size: 5KB