DON'T EXECUTE
EDD41B4A819F917F81203424730AAF0C24CC95E40ACFC0F1BD90B11DADF58015.zip and payload.zip archive contains software that is going to interact with your computer and files. This software has been intentionally included for educational purposes and is NOT intended to be executed or used otherwise.Always handle such files in isolated, controlled, and secure environments.
Password: infected
PLEASE EXERCISE EXTREME CAUTION!
The purpose of this malware is to decrypt an embedded payload using a custom stream cipher (with "UUUUUUUU" as the key), and then inject and execute this payload as a remote thread into a process launched by explorer.exe by dynamically loading necessary functions (VirtualAllocEx, WriteProcessMemory, CreateRemoteThread) at runtime to evade detection.
More details are given in the report.