Static task: static1
Behavioral task: behavioral1
  Sample: 8c27edb9a77712a4e13e8133f233ba34d7182e7823d0408fd12da11c91f94178.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 8c27edb9a77712a4e13e8133f233ba34d7182e7823d0408fd12da11c91f94178.exe
  Resource: win10v2004-20250314-en
General
- Target: b18193c10c0724374da0e246343988465451d6db884623f758a1c1a29a446579.zip
- Size: 525KB
- MD5: f7c93f4b6464105338e49ce425cb789f
- SHA1: 4bc112888950c364c9277664281fe1037f1f3b34
- SHA256: b18193c10c0724374da0e246343988465451d6db884623f758a1c1a29a446579
- SHA512: d08225d1588d3e97c511be66662ad2f55d57128af15f7353580f89863ca40c6bf2c9f21ea974cdaf68d44a393e6f7c173534f81198314fefcc83112991405f53
- SSDEEP: 12288:oMjc25VyUaUFd/IHHHNumIljvIColYHwggNdO0MDhA2tsPbfk0vLrcmg:Vjc25VyUZFpIHNuJljvIHYtw9MtA2tsk
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: unpack001/8c27edb9a77712a4e13e8133f233ba34d7182e7823d0408fd12da11c91f94178.exe
Files
- b18193c10c0724374da0e246343988465451d6db884623f758a1c1a29a446579.zip.zip (Password: infected)
- 8c27edb9a77712a4e13e8133f233ba34d7182e7823d0408fd12da11c91f94178.exe.exe windows:6 windows x86 arch:x86
  e617ab7e8f8469efcd6cb187d3073a1c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadConsoleInputA
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
VirtualProtect
GetProcAddress
LoadLibraryW
EnumTimeFormatsA
OutputDebugStringW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
WriteConsoleW
SetStdHandle
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetProcessHeap
LoadLibraryExW
GetModuleFileNameW
CloseHandle
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetSystemTimeAsFileTime
GetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCommandLineW
RaiseException
RtlUnwind
HeapFree
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
SetFilePointerEx
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DeleteFileW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCurrentThreadId
ReadFile
ReadConsoleW
SetConsoleMode
imm32
ImmSetCompositionFontA
ImmRequestMessageW
ImmEnumRegisterWordW
ImmAssociateContextEx
ImmShowSoftKeyboard
ImmGetProperty
shlwapi
PathAppendA
StrCSpnIA
SHRegCreateUSKeyA
PathMatchSpecW
StrCmpNA
comdlg32
PageSetupDlgW
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontW
wininet
FindFirstUrlCacheEntryW
InternetGoOnline
FindFirstUrlCacheContainerA
HttpQueryInfoW
SetUrlCacheEntryInfoA
DeleteUrlCacheContainerA
ParseX509EncodedCertificateForListBoxEntry
FindNextUrlCacheEntryExW
rtutils
TraceDeregisterExA
RouterLogEventStringW
LogErrorA
TracePrintfA
TraceDeregisterExW
TraceVprintfExA
TraceDeregisterW
LogEventW
TraceRegisterExA
Sections
.text   Size: 144KB - Virtual size: 143KB
  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 57KB - Virtual size: 56KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 27KB - Virtual size: 35KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 15KB - Virtual size: 15KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 10KB - Virtual size: 10KB
  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ