df1005f62c74e1f8272eae5073eb0dbffa5fefcb39ce1c78a40ca33b3b888c0d[.]zip

General

Target

df1005f62c74e1f8272eae5073eb0dbffa5fefcb39ce1c78a40ca33b3b888c0d.zip
Size

151KB
MD5

57b846fac99ca0b4e08996a2826a7ecc
SHA1

da0086bb4e01e15c088e385c9840532a9ef0ce09
SHA256

df1005f62c74e1f8272eae5073eb0dbffa5fefcb39ce1c78a40ca33b3b888c0d
SHA512

2790f548b3f375ecce307e272e0e2f677431403df8d5c6bd30cc35ec0e2c8179e87e2205074c6fe1b0a02c8d542ad7367ca8505610d80388485c0259963017f8
SSDEEP

3072:GwSDu9j+HBA4KDn1FfpFahuaieAOg9OcEBiF65EUaHoj4oQvAHb4FYUCo:GwSD4aH24oFfpMgOoOviAWobUFYUCo

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/00272dd639402fa76db43207d074fe52d4849e5d46008f786b944a789b09afc2.exe

df1005f62c74e1f8272eae5073eb0dbffa5fefcb39ce1c78a40ca33b3b888c0d.zip
.zip

Password: infected
00272dd639402fa76db43207d074fe52d4849e5d46008f786b944a789b09afc2.exe
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Loadstone
Phono
DllUnregisterServer
Homopiperonyl
Malamute
DllRegisterServer
Duncishness
Keeling
Befist
Ropeway
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ