2f00d00fa96449c6c3b2bdb295f48eaea7aba066831efa13e05894992ae5f866[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

2f00d00fa96449c6c3b2bdb295f48eaea7aba066831efa13e05894992ae5f866.zip
Size

153KB
MD5

960f9187f7581b3abeb8f97ce76d6d36
SHA1

b1a57683b7fa1db1d6ca18d931e16ef88d0f617e
SHA256

2f00d00fa96449c6c3b2bdb295f48eaea7aba066831efa13e05894992ae5f866
SHA512

0784cbfa8df58c9fb3d11aae36b63e12bf9efeafaf2dc5c5ad7ae9a7a1b8af5bb3d2f365a09f6d969d34399e81efcf00fd2251078e56dd8e448cc0442906e1b4
SSDEEP

3072:NRgLXUZCStc02sRSgOK0HxtwPVXcZjEJ/gj0tn245itGLLWYm:NRKXUIgcdsR0BXXeIUn2Wikm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/test_loading.exe

Files

2f00d00fa96449c6c3b2bdb295f48eaea7aba066831efa13e05894992ae5f866.zip
.zip
test_loading.exe
.exe windows:6 windows x64 arch:x64

525bc932bb9597f15e65c00eca662006

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\memexec\test_loading\target\release\deps\test_loading.pdb

Imports

user32

MessageBoxA

kernel32

GetConsoleOutputCP
HeapSize
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetProcessHeap
HeapFree
FlsGetValue
FlsAlloc
LoadLibraryExA
FreeLibrary
GetLastError
FormatMessageW
WaitForSingleObject
HeapAlloc
GetProcAddress
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
AddVectoredExceptionHandler
SetThreadStackGuarantee
CreateWaitableTimerExW
SetWaitableTimer
Sleep
QueryPerformanceCounter
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
LoadLibraryA
GetCPInfo
GetCommandLineW
FlushFileBuffers
SetFileInformationByHandle
SetFilePointerEx
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetCommandLineA
GetModuleHandleExW
WriteFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStdHandle
CloseHandle
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TerminateProcess
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
LeaveCriticalSection
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseMutex
GetModuleHandleA
FindNextFileW
FindClose
CreateFileW
EnterCriticalSection
EncodePointer
GetConsoleMode
GetFileType
RaiseException
RtlPcToFileHeader
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
ExitProcess
GetFullPathNameW
MultiByteToWideChar
WriteConsoleW
WideCharToMultiByte
CreateThread
GetCurrentThread
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
CreateMutexA
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId

ole32

CoInitializeEx
CoInitializeSecurity

oleaut32

SysStringLen
SysFreeString
GetErrorInfo

ntdll

NtWriteFile
RtlNtStatusToDosError

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

525bc932bb9597f15e65c00eca662006

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

ole32

oleaut32

ntdll

Sections

.text Size: 197KB - Virtual size: 196KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 10KB - Virtual size: 9KB

_RDATA Size: 512B - Virtual size: 500B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 197KB - Virtual size: 196KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 512B - Virtual size: 500B

.reloc
Size: 3KB - Virtual size: 2KB