22bed61ad74b006a594d6c78ce2a19e2[.]zip

General

Target

22bed61ad74b006a594d6c78ce2a19e2.zip
Size

3.7MB
MD5

2fffde9626bfbb223c84b728d17bcb6c
SHA1

f86b15014434ca23fc95f474a2e3a9e98c8d3d38
SHA256

bf473ee7c630a3c1e0c93397461f5579256b5dbaf960d0235c44fa9d2453adf1
SHA512

8b6c0fca5b28f9ad31dbe1f189e4864d3555c9d5f0d3d54f9c820cb3de2f5227b3ede358f2eb1d6ae86ee579be6c59213501a9f96ecfb6ab491406a203761382
SSDEEP

98304:sgWm1fEH0MF6ruB3KG7cEwiQdXeKxLy3nIPndywHuVCW:sI1f40MF08BjrY7y3It9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/65b6084e2c3c9813ff75e8e9a6574274e0836eb97920e5ff95cbd341e64d89ba

Files

22bed61ad74b006a594d6c78ce2a19e2.zip
.zip

Password: infected
65b6084e2c3c9813ff75e8e9a6574274e0836eb97920e5ff95cbd341e64d89ba
.exe windows:4 windows x86 arch:x86

Password: infected

98dfd9b9e184a03c6ea488ca38f4797e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CreateMutexA
CreateProcessA
ExitProcess
FindAtomA
GetAtomNameA
GetFileAttributesA
GetStartupInfoA
InterlockedIncrement
ReleaseMutex
SetUnhandledExceptionFilter
Sleep
WaitForSingleObject

msvcrt

_itoa
_stat
__getmainargs
__p__environ
__set_app_type
_cexit
_errno
_fileno
_findclose
_findfirst
_findnext
_fmode
_fullpath
_iob
_onexit
_setmode
abort
atexit
exit
fclose
feof
fopen
fread
free
fwrite
malloc
memset
puts
rand
rewind
signal
sprintf
srand
strcat
strcpy
strlen
strncpy
strstr
strtoul
system
time

user32

MessageBoxA

Sections

.pebizo
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 672B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

98dfd9b9e184a03c6ea488ca38f4797e

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.pebizo Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 128B

.rdata Size: 1024B - Virtual size: 876B

.bss Size: - Virtual size: 672B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.text Size: 406KB - Virtual size: 406KB

.pebizo
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 1024B - Virtual size: 876B

.bss
Size: - Virtual size: 672B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 406KB - Virtual size: 406KB