Acrepi-v1[.]0[.]7[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Acrepi-v1.0.7.zip
Size

59.8MB
MD5

8fe778fd2854260b19e2c6e245b506b7
SHA1

214ab083a7243e981d01bc0059d9bec36ff02ec6
SHA256

f96249d7255229db903f4380fc5c5f6df4ecd288204b1608fd28e47a5e2f4a62
SHA512

60ef3003e0eff7ff1f9d02ff8f3084ec2a51f3dbced29c79dfba950ed2c91e69dcee4c1b5d0a0cb009f63fd1930439efe6a7a99809c25477a2212f6b39aca3bf
SSDEEP

1572864:KenVH3huNkVVFBFx9qNxT3AJti3uYuWliCMx1vZS5lWeFB3oi:39cmvz9qN9ei37lipS5lx3v

Score

1^/10

Malware Config

Signatures

Files

Acrepi-v1.0.7.zip
.zip
CLibrary.dll
.dll windows x64

6611ee2a03e4c9d58d308dd7aa98f20c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlLookupFunctionEntry

shlwapi

StrCmpLogicalW

kernel32

lstrcmpiW
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetClipboardData
CharUpperBuffW

gdi32

GetDeviceCaps

advapi32

RegGetValueW

shell32

ShellExecuteA

msvcp140

?_Throw_C_error@std@@YAXH@Z

msvcp140_codecvt_ids

?id@?$codecvt@_SDU_Mbstatet@@@std@@2V0locale@2@A

imm32

ImmReleaseContext

d3dcompiler_47

D3DCompile

d3d11

D3D11CreateDeviceAndSwapChain

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__RTDynamicCast

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

malloc

api-ms-win-crt-string-l1-1-0

strcoll

api-ms-win-crt-math-l1-1-0

_ldclass

api-ms-win-crt-filesystem-l1-1-0

_lock_file

api-ms-win-crt-stdio-l1-1-0

ungetc

api-ms-win-crt-convert-l1-1-0

strtoll

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

Sections

.text
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taigaBa
Size: - Virtual size: 67.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.taigaBa
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taigaBa
Size: 59.3MB - Virtual size: 59.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
injector.exe
.exe windows x64

7a3bf78dbd46e3c0f7d73a641958b584

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Process32First
CreateToolhelp32Snapshot
Process32Next
GetExitCodeProcess
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualFreeEx
WaitForSingleObject
DeleteProcThreadAttributeList
LocalFree
GetStdHandle
SetConsoleTextAttribute
ReleaseSRWLockShared
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
UpdateProcThreadAttribute
CloseHandle
GetLastError
Sleep
OpenProcess
ResumeThread
InitializeProcThreadAttributeList
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
AcquireSRWLockExclusive
AcquireSRWLockShared
SetCurrentDirectoryW
GetCurrentDirectoryW
AreFileApisANSI
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
ReleaseSRWLockExclusive

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
RegGetValueW
CreateProcessAsUserA

msvcp140

??0_Locinfo@std@@QEAA@PEBD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Xtime_get_ticks
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??Bid@locale@std@@QEAA_KXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Strcoll
?_Syserror_map@std@@YAPEBDH@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
_Strxfrm
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Locinfo@std@@QEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memmove
memcmp
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
strchr
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context
memset

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
malloc
_callnewh
realloc

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_c_exit
_cexit
_seh_filter_exe
_initterm
_initterm_e
exit
__p___argv
terminate
_exit
_crt_atexit
_configure_narrow_argv
__p___argc
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_narrow_environment
_get_initial_narrow_environment
system

api-ms-win-crt-stdio-l1-1-0

fseek
__stdio_common_vsprintf
fclose
fputs
ftell
fread
__acrt_iob_func
_set_fmode
setvbuf
fsetpos
_fseeki64
fgetpos
fwrite
fgetc
ungetc
fputc
__stdio_common_vsprintf_s
_get_stream_buffer_pointers
fopen_s
__p__commode
__stdio_common_vfprintf
fflush

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

api-ms-win-crt-time-l1-1-0

_gmtime64_s

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6611ee2a03e4c9d58d308dd7aa98f20c

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

kernel32

user32

gdi32

advapi32

shell32

msvcp140

msvcp140_codecvt_ids

imm32

d3dcompiler_47

d3d11

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

Sections

.text Size: - Virtual size: 2.6MB

.rdata Size: - Virtual size: 1.1MB

.data Size: - Virtual size: 213KB

.pdata Size: - Virtual size: 101KB

.detourc Size: - Virtual size: 8KB

.detourd Size: - Virtual size: 24B

.taigaBa Size: - Virtual size: 67.6MB

.taigaBa Size: 5KB - Virtual size: 4KB

.taigaBa Size: 59.3MB - Virtual size: 59.3MB

.reloc Size: 512B - Virtual size: 212B

.rsrc Size: 512B - Virtual size: 233B

7a3bf78dbd46e3c0f7d73a641958b584

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 229KB - Virtual size: 229KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 512B - Virtual size: 468B

.text
Size: - Virtual size: 2.6MB

.rdata
Size: - Virtual size: 1.1MB

.data
Size: - Virtual size: 213KB

.pdata
Size: - Virtual size: 101KB

.detourc
Size: - Virtual size: 8KB

.detourd
Size: - Virtual size: 24B

.taigaBa
Size: - Virtual size: 67.6MB

.taigaBa
Size: 5KB - Virtual size: 4KB

.taigaBa
Size: 59.3MB - Virtual size: 59.3MB

.reloc
Size: 512B - Virtual size: 212B

.rsrc
Size: 512B - Virtual size: 233B

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 229KB - Virtual size: 229KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 512B - Virtual size: 468B