Static task: static1
Behavioral task: behavioral1
Sample: Nota di consegna_TVX507CX.exe
Resource: win7-20240903-en
General
Target: 1913ce07595b2c02ee1c881aac19553dba345badcf65552935149f042c3bad27.zip
Size: 322KB
MD5: 89922c5374c9450451d20f06328fa80f
SHA1: a8e6cf1b90a3a2313de9c3680b07a9f0b4b90248
SHA256: 1913ce07595b2c02ee1c881aac19553dba345badcf65552935149f042c3bad27
SHA512: d6386e5a765f77a633d2d60955caad827989b1ae255c8770435366d052c0a2025376f5e6d0b2cab864871af1a5e532dee18fe63000238571e90eb459b9dec38a
SSDEEP: 6144:Xqvg/bldlrPUMf9PMdnznRH0LDXQwsqGk64fpRSTfpQ03H6Lm0d8SZf5T:XXBTMMfKzZUQArqQ02VdzZf5T
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/Nota di consegna_TVX507CX.exe
Files
1913ce07595b2c02ee1c881aac19553dba345badcf65552935149f042c3bad27.zip.zip
Password: infected
abd69b19ba0706ed1261c3f68ef09fee778dad3d26fbd265274cb0615f1ca1ff.iso.iso
Nota di consegna_TVX507CX.exe.exe windows:5 windows x86 arch:x86
3e7d0889db652d45e833a59756f3f4f1
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  VirtualProtect
  WriteConsoleOutputCharacterW
  lstrcmp
  FindFirstVolumeMountPointW
  SetConsoleMode
  ReadConsoleInputA
  GetProcessHeap
  SetEndOfFile
  CreateFileW
  CreateFileA
  SetStdHandle
  WriteConsoleW
  LoadLibraryW
  HeapReAlloc
  GetStringTypeW
  CreatePipe
  EnumSystemLocalesA
  GetLocaleInfoA
  GetUserDefaultLCID
  GetLocaleInfoW
  HeapSize
  GetSystemTimeAsFileTime
  GetCurrentProcessId
  GetTickCount
  QueryPerformanceCounter
  GetEnvironmentStringsW
  FreeEnvironmentStringsW
  GetModuleFileNameW
  HeapCreate
  CloseHandle
  FlushFileBuffers
  SetFilePointer
  ReadFile
  GetConsoleMode
  GetConsoleCP
  WriteFile
  ExitProcess
  GetFileType
  CreateJobObjectW
  InitializeCriticalSectionAndSpinCount
  IsValidLocale
  GetStdHandle
  SetHandleCount
  LocalCompact
  InterlockedIncrement
  InterlockedDecrement
  WideCharToMultiByte
  EncodePointer
  DecodePointer
  Sleep
  InterlockedExchange
  InitializeCriticalSection
  DeleteCriticalSection
  EnterCriticalSection
  LeaveCriticalSection
  MultiByteToWideChar
  RtlUnwind
  RaiseException
  GetLastError
  HeapFree
  GetCommandLineW
  HeapSetInformation
  GetStartupInfoW
  HeapAlloc
  LCMapStringW
  GetCPInfo
  GetACP
  GetOEMCP
  IsValidCodePage
  TlsAlloc
  TlsGetValue
  TlsSetValue
  TlsFree
  GetModuleHandleW
  SetLastError
  GetCurrentThreadId
  GetProcAddress
  UnhandledExceptionFilter
  SetUnhandledExceptionFilter
  IsDebuggerPresent
  TerminateProcess
  GetCurrentProcess
  IsProcessorFeaturePresent
comdlg32
  ChooseColorA
  PageSetupDlgA
  FindTextA
  GetOpenFileNameA
rtutils
  TracePrintfExW
  RouterLogRegisterA
  TraceRegisterExA
  TraceDumpExA
loadperf
  UnloadPerfCounterTextStringsW
  UnloadPerfCounterTextStringsA
  LoadPerfCounterTextStringsW
  LoadPerfCounterTextStringsA
msacm32
  acmDriverAddW
  acmFormatTagEnumW
  acmFormatTagDetailsW
  acmDriverDetailsW
  acmDriverMessage
  acmStreamConvert
  acmFormatChooseA
  acmStreamMessage
user32
  UnpackDDElParam
  ChangeMenuA
  GetMenuState
  LoadIconW
  IsCharAlphaA
  GetClipCursor
  CreateMDIWindowA
  OemToCharBuffW
shlwapi
  StrCatW
  PathUnmakeSystemFolderW
  UrlHashW
  SHRegOpenUSKeyW
  UrlApplySchemeW
  UrlCombineW
  SHRegEnumUSKeyW
  StrDupW
msvfw32
  DrawDibSetPalette
  MCIWndCreate
  DrawDibGetBuffer
  ICSeqCompressFrame
avifil32
  AVIStreamWrite
  AVIFileAddRef
Sections
.code Size: 125KB - Virtual size: 124KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 153KB - Virtual size: 152KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 223KB - Virtual size: 222KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ