5dcdd9b2e6f81b11f4e4d0cb96709286deac6c8a8385d473f17d599ee55c150f[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

5dcdd9b2e6f81b11f4e4d0cb96709286deac6c8a8385d473f17d599ee55c150f.zip
Size

141KB
MD5

2e1de99ee3efc3bf1d730efb9ce6cb89
SHA1

810a766e9a7ab6f5129bbdb5793ddc2180100b2d
SHA256

3478077ba1325b1b78f026b86271dfd41ebf844344d9829f66c7b317de737f3e
SHA512

bc94d8dc9260b5de1dcfdc3a2d7ad339fbcde59445a2a86f1a102edc89e31e938f99aecb1353b99bdd81d9a02719320f3ce246206d7eb3dedb502de0e7d31947
SSDEEP

3072:QHfNEVz81SvNod3SemMgsuITmylE9KzcmgjHBuRQrNMqu3viwE0K4:6+Vz8uONr3g7I6n9Kzc1HBu+riqCiVH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5dcdd9b2e6f81b11f4e4d0cb96709286deac6c8a8385d473f17d599ee55c150f.exe

Files

5dcdd9b2e6f81b11f4e4d0cb96709286deac6c8a8385d473f17d599ee55c150f.zip
.zip

Password: infected
5dcdd9b2e6f81b11f4e4d0cb96709286deac6c8a8385d473f17d599ee55c150f.exe
.exe windows:5 windows x86 arch:x86

a738f70ddfe8b728e3a778b20cdcc17b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\wacuxid\nonuwiru\meyidaxiye\xititehawiyol28\sesiredifuxina.pdb

Imports

kernel32

CopyFileExW
CallNamedPipeA
SetWaitableTimer
InterlockedIncrement
GetCommState
InterlockedDecrement
GetProfileStringW
FreeEnvironmentStringsA
CreateNamedPipeW
LocalFlags
ReadConsoleOutputA
SetProcessPriorityBoost
GetSystemTimes
ActivateActCtx
GlobalAlloc
GetPrivateProfileIntA
GetSystemDirectoryW
GetVolumeInformationA
LoadLibraryW
TerminateThread
GetConsoleAliasExesLengthW
HeapDestroy
LeaveCriticalSection
FileTimeToSystemTime
GetCompressedFileSizeA
lstrlenW
LCMapStringA
InterlockedExchange
FindFirstChangeNotificationW
SetThreadLocale
GetCPInfoExW
FreeLibraryAndExitThread
GetLastError
GetCurrentDirectoryW
SetLastError
GetProcAddress
SetStdHandle
LoadLibraryA
OpenMutexA
CreateSemaphoreW
WritePrivateProfileStringA
FindAtomA
GetModuleFileNameA
GetThreadPriority
CreateIoCompletionPort
GetModuleHandleA
HeapSetInformation
FindNextFileW
WriteProfileStringW
GetCurrentThreadId
TlsAlloc
LocalSize
FindAtomW
EnumResourceLanguagesW
SetFileValidData
GetSystemTime
GetProfileSectionW
GetThreadContext
GetStartupInfoA
GetCommandLineW
GetCommandLineA
HeapValidate
IsBadReadPtr
RaiseException
EnterCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleHandleW
Sleep
ExitProcess
TlsGetValue
TlsSetValue
TlsFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
RtlUnwind
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
DebugBreak
OutputDebugStringA
OutputDebugStringW
LCMapStringW
CreateFileA
CloseHandle
FlushFileBuffers

advapi32

InitiateSystemShutdownA
ImpersonateSelf

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

a738f70ddfe8b728e3a778b20cdcc17b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 67KB - Virtual size: 123KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 67KB - Virtual size: 123KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 14KB - Virtual size: 13KB