UniExtract[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

UniExtract.exe
Size

3.3MB
MD5

0084bf392783ef27421b583272304af8
SHA1

2160666a290e36c19b229774882ef0c383ea6dcd
SHA256

bda4640ab5cc954a219cab54f4b6b9a91eb211a91d989586567a99acce8666e8
SHA512

2707739b66a82d240b0d2f846ff13b7324ad14711e6bcbef8091a86e4ebabd8815a7450316e5fadfc5f10901dce88116817a45364255773407df7ac682073926
SSDEEP

98304:0TnXWY5NL6153K1vkKqISRa45RsHoLNcaCS3IPWH1DeiD2ecsQ2:0h3L61upqjRa45RsHoBmS4PWDKeVP

Score

1^/10

Malware Config

Signatures

Files

UniExtract.exe
.exe windows x86

460d7103b298f4e1b12657d21f9d85e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutSetVolume
timeGetTime
mciSendStringW

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_exit
__p__commode
__p__fmode
__set_app_type
_controlfp
_except_handler3
_adjust_fdiv

mpr

WNetGetConnectionW
WNetCancelConnection2W
WNetUseConnectionW

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_Destroy

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetQueryDataAvailable
InternetOpenW
InternetOpenUrlW
InternetCrackUrlW
InternetQueryOptionW
InternetCloseHandle
HttpSendRequestW
HttpQueryInfoW
HttpOpenRequestW
InternetReadFile
InternetSetOptionW
InternetConnectW

kernel32

CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnumResourceNamesW
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentDirectoryW
GetDateFormatA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocalTime
GetModuleFileNameA
CreateProcessW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameW
SetSystemPowerState
GetTempPathW
GetTimeFormatA
GetTimeZoneInformation
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LockResource
lstrcmpiW
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
RemoveDirectoryW
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeLabelW
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAllocEx
VirtualFreeEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileSectionW
WritePrivateProfileStringW
WriteProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreatePipe
CreateFileW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsValidCodePage
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetStdHandle
GetModuleFileNameW

user32

GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyState
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetParent
GetProcessWindowStation
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetUserObjectSecurity
GetWindowDC
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
InvalidateRect
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
keybd_event
KillTimer
LoadCursorW
LoadIconW
LoadImageW
LoadStringW
LockWindowUpdate
MapVirtualKeyW
MessageBeep
MessageBoxA
MessageBoxW
mouse_event
MoveWindow
OpenClipboard
OpenDesktopW
OpenWindowStationW
PeekMessageW
FlashWindow
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassExW
RegisterHotKey
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
GetCursorPos
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemInfoW
SetProcessWindowStation
SetRect
SetTimer
SetUserObjectSecurity
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnregisterHotKey
VkKeyScanW
WindowFromPoint
wsprintfW
DefWindowProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateIconFromResourceEx
CreateAcceleratorTableW
CountClipboardFormats
CopyRect
CopyImage
CloseWindowStation
CloseDesktop
CloseClipboard
ClientToScreen
CheckMenuRadioItem
CharUpperBuffW
CharNextW
CharLowerBuffW
BeginPaint
AttachThreadInput
GetWindowLongW
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetCaretPos
GetAsyncKeyState
GetActiveWindow
FindWindowW
FindWindowExW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndDialog
EnableWindow
EmptyClipboard
DrawTextW
DrawMenuBar
DrawFrameControl
DrawFocusRect
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
SendDlgItemMessageW
FrameRect
PostMessageW
DeleteMenu
DefDlgProcW

gdi32

SetBkColor
SetBkMode
SetPixel
SetTextColor
SetViewportOrgEx
StretchBlt
StrokeAndFillPath
StrokePath
SelectObject
CreateCompatibleDC
CreateDCW
CreateFontW
CreateSolidBrush
DeleteDC
Ellipse
ExtCreatePen
GetDeviceCaps
GetDIBits
GetObjectW
GetPixel
GetStockObject
GetTextExtentPoint32W
GetTextFaceW
LineTo
MoveToEx
PolyDraw
Rectangle
RoundRect
CreateCompatibleBitmap

advapi32

RegConnectRegistryW
OpenThreadToken
OpenSCManagerW
OpenProcessToken
LookupPrivilegeValueW
LogonUserW
LockServiceDatabase
InitializeSecurityDescriptor
InitializeAcl
GetUserNameW
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
DuplicateTokenEx
CreateProcessAsUserW
CopySid
CloseServiceHandle
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetSecurityDescriptorDacl
UnlockServiceDatabase

shell32

SHEmptyRecycleBinW
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW
ExtractIconExW
DragQueryPoint
DragQueryFileW
SHFileOperationW

ole32

CoTaskMemFree
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
IIDFromString
MkParseDisplayName
OleInitialize
CoTaskMemAlloc
OleSetMenuDescriptor
OleUninitialize
StringFromCLSID
StringFromIID
CoCreateInstance
CLSIDFromString
OleSetContainedObject
CoInitialize

oleaut32

SafeArrayCreate

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

data0
Size: 4KB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls0
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zip29
Size: 961KB - Virtual size: 963KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

460d7103b298f4e1b12657d21f9d85e5

Headers

File Characteristics

Imports

winmm

msvcrt

mpr

comctl32

version

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 11KB

data0 Size: 4KB - Virtual size: 14.0MB

.tls0 Size: 8KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 10KB

.zip29 Size: 961KB - Virtual size: 963KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 11KB

data0
Size: 4KB - Virtual size: 14.0MB

.tls0
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 10KB

.zip29
Size: 961KB - Virtual size: 963KB