ap-file-vaultFile1739356509388915023[.]vol--1647278785[.]zip

General

Target

ap-file-vaultFile1739356509388915023.vol--1647278785.zip
Size

3.0MB
MD5

6c1d29ede1f45460f400f6592c7e3e3c
SHA1

13cf4ff9300068ded573a7698f51ec0945dea011
SHA256

d6c27a91fb850c1fc49950c69ee106bdd116b03092173bde70a7d3ea7132dbe8
SHA512

bca8f6620404ec967e521c9b9feb3ee35a52ff35e80f60d6041bd4e20b5b41ec95161c20fd038cba5775c44120b3908455dc2c19c0b1f7c273b344fe95bd1f5d
SSDEEP

98304:gZCkKFutaR1CmhEFpS8lUCq80o4rZAYcXpc:PDFutq9EFsU5qEO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/vaultFile1739356509388915023.vol

Files

ap-file-vaultFile1739356509388915023.vol--1647278785.zip
.zip

Password: cautionhandlewithcare
vaultFile1739356509388915023.vol
.exe windows:5 windows x86 arch:x86

Password: cautionhandlewithcare

788a53feef59eb5ea922d56f210c8c35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetVersionExW
CreateDirectoryExW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetWindowLongW

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vaultFile1739356509388915023.vol.METADATA

Sharing

General

Malware Config

Signatures

Files

Password: cautionhandlewithcare

Password: cautionhandlewithcare

788a53feef59eb5ea922d56f210c8c35

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 302KB

.data Size: - Virtual size: 31KB

.tls Size: 512B - Virtual size: 9B

.data0 Size: - Virtual size: 2.2MB

.data1 Size: 3.0MB - Virtual size: 3.0MB

.rsrc Size: 239KB - Virtual size: 239KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 302KB

.data
Size: - Virtual size: 31KB

.tls
Size: 512B - Virtual size: 9B

.data0
Size: - Virtual size: 2.2MB

.data1
Size: 3.0MB - Virtual size: 3.0MB

.rsrc
Size: 239KB - Virtual size: 239KB