kbsn1.zip
First submission 2024-10-11 11:15:04
File details
| File type: | Zip archive data, at least v2.0 to extract |
| Mime type: | application/zip |
| File size: | 24821.27 KB (25416976 bytes) |
| MD5: | b5bd7e9f8bc407ffee120057489f7f52 |
| SHA1: | 93f6f41098dec28971277ad7046aa0bf9a140523 |
| SHA256: | b8e8a98af2e41ea76445bf055b124553bddd2311d7765cfddaa0b8137ef2b48f |
File features detected
Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR
OSINT Enrichments
| Virus Total: | 25/76 VT report date: 2024-10-11 06:24:45 |
| Malware Type 2 | trojan downloader |
| Threat Type 3 | lazzzy rugmi zfrvg |
URLs, FQDN and IP indicators 1
| URL | Host (FQDN/IP) | Date Added |
|---|---|---|
hXXps://annoyingfiler.com/requested/kbsn1.zip  |
annoyingfiler.com |
2024-10-11 11:15:04 |
Strings analysis - File found
| Data |
| resource_/Font/Pfm/TypeSupport/Unicode/ICU/icudt26l.dat |
| XML |
| resource_/Font/Pfm/Locals/x64/AdonisUI.ClassicTheme.xml |
| resource_/Font/Pfm/Locals/x86/BouncyCastle.Crypto.xml |
| resource_/Font/Pfm/Locals/x64/AdonisUI.xml |
| Text |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CORPCHAR.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ROMANIAN.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1258.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1253.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ICELAND.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CENTEURO.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/TURKISH.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1254.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CROATIAN.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/ROMAN.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/GREEK.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/SYMBOL.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1252.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/CYRILLIC.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Adobe/symbol.txt |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1257.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1250.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Mac/UKRAINE.TXT |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/Adobe/zdingbat.txt |
| resource_/Font/Pfm/TypeSupport/Unicode/Mappings/win/CP1251.TXT |
| Library |
| resource_/Font/Pfm/Locals/x64/AdonisUI.ClassicTheme.dll |
| Register.dll |
| resource_/Font/Pfm/Locals/x64/AdonisUI.dll |
| resource_/Font/Pfm/Locals/x64/SQLite.Interop.dll |
| resource_/Font/Pfm/opengl64.dll |
| libvlccore.dll |
| resource_/Font/Pfm/Locals/x86/SQLite.Interop.dll |
| resource_/Register.dll |
| resource_/libvlccore.dll |
| resource_/Font/Pfm/Locals/x86/BouncyCastle.Crypto.dll |