APT 37 Previous Commits 2[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

APT 37 Previous Commits 2.7z
Size

5.5MB
MD5

fe56b1e4885a96b49e7908a5bde1d3e1
SHA1

28dc2ffdaad0c575cd694281d6b76778e877c6d2
SHA256

71b8e65d2b3d83388727a6af4e457c4339c7a6ed6aa1e05fac1f74e0c0c775c2
SHA512

406a4cf827f45ff83371b0888f0d75e96125f63ce6bfd7ee044d2a0985705cbc2aa7327d3f4e56b4bac4fc12000cb41e76f2eb2be4ba375a0e2a7f4d7f79e3b0
SSDEEP

98304:bq2AvgK+gJiu82VqmMPrFcmzhmu7U7ns1vL0xNAt/G3TaFh+Irv2UFZ:bqf6gJRVyPremzhans14DaFhrv2Ur

Score

1^/10

Malware Config

Signatures

Files

APT 37 Previous Commits 2.7z
.7z

Password: infected
APT 37 Previous Commits 2/(227183-F)_사업진행상태보고서.hwp
APT 37 Previous Commits 2/BookBriefing.rar
.rar
BookBriefing.chm
.chm
APT 37 Previous Commits 2/CR_20230126.rar
.rar
Password.chm
.chm
후원내역서.pdf
.pdf
APT 37 Previous Commits 2/CV.rar
.rar
APT 37 Previous Commits 2/DBLife-2022_08_05.rar
.rar
APT 37 Previous Commits 2/Details.rar
.rar
APT 37 Previous Commits 2/Documents.rar
.rar
APT 37 Previous Commits 2/DriverSet.rar
.rar
APT 37 Previous Commits 2/Estimate.rar
.rar
APT 37 Previous Commits 2/H2O 견적서.rar
.rar
APT 37 Previous Commits 2/Introduce.rar
.rar
APT 37 Previous Commits 2/Invoice_1514_from_Evo3_Marketing_Inc.rar
.rar
APT 37 Previous Commits 2/K-MOOC 수기 공모 이벤트.hwp
APT 37 Previous Commits 2/KB_20220111.rar
.rar
APT 37 Previous Commits 2/KB_20230126.rar
.rar
APT 37 Previous Commits 2/KakaoBank-N202111.zip
.rar
APT 37 Previous Commits 2/KakaoTalk_20220419_103447534.pdf
.pdf
APT 37 Previous Commits 2/KakaoTalk_20220419_103447534.rar
.rar
APT 37 Previous Commits 2/data-downloadszip.dll
.dll windows x86

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData

kernel32

SetFilePointer
lstrlenA
PeekNamedPipe
AllocConsole
CreateProcessW
SetFilePointerEx
WaitForSingleObject
WriteFile
WideCharToMultiByte
Sleep
GetFileAttributesA
FileTimeToSystemTime
ReadFile
CreateFileW
MultiByteToWideChar
CreateDirectoryA
FindFirstFileW
FindFirstFileA
GetLastError
FindClose
GetLocalTime
CreatePipe
GetModuleFileNameA
FindNextFileA
GetFileTime
ReleaseMutex
CloseHandle
DeleteFileW
DeleteFileA
CreateThread
GetStringTypeW
CreateMutexW
GetFileSize
CreateFileA
GetComputerNameA
GetFileSizeEx
HeapSize
SetEnvironmentVariableA
CompareStringW
LCMapStringW
GetProcessHeap
SetEndOfFile
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
GetCPInfo
RaiseException
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetTimeZoneInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
LoadLibraryW
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW

user32

ShowWindow
wsprintfW
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

shell32

SHGetFolderPathA
CommandLineToArgvW
ShellExecuteW

oleaut32

SysFreeString
SysAllocStringLen

ws2_32

gethostbyname
closesocket
socket
recv
WSACleanup
htons
select
inet_addr
WSAStartup
inet_ntoa
connect
send

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APT 37 Previous Commits 2/data-withoutzip.dll
.dll windows x86

1f0e18ed775ccc8e5756193f37aa1b7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData

kernel32

SetFilePointer
lstrlenA
PeekNamedPipe
AllocConsole
CreateProcessW
SetFilePointerEx
WaitForSingleObject
WriteFile
WideCharToMultiByte
Sleep
GetFileAttributesA
FileTimeToSystemTime
ReadFile
CreateFileW
MultiByteToWideChar
CreateDirectoryA
FindFirstFileW
FindFirstFileA
GetLastError
FindClose
GetLocalTime
CreatePipe
GetModuleFileNameA
FindNextFileA
GetFileTime
ReleaseMutex
CloseHandle
DeleteFileW
DeleteFileA
CreateThread
GetStringTypeW
CreateMutexW
GetFileSize
CreateFileA
GetComputerNameA
GetFileSizeEx
HeapSize
SetEnvironmentVariableA
CompareStringW
LCMapStringW
GetProcessHeap
SetEndOfFile
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
GetCPInfo
RaiseException
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapFree
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetTimeZoneInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
LoadLibraryW
RtlUnwind
SetStdHandle

user32

wsprintfW
FindWindowA
ShowWindow

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

shell32

CommandLineToArgvW
SHGetFolderPathA
ShellExecuteW
SHGetKnownFolderPath

oleaut32

SysAllocStringLen
SysFreeString

ws2_32

WSAStartup
send
connect
gethostbyname
closesocket
socket
recv
WSACleanup
htons
select
inet_ntoa
inet_addr

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APT 37 Previous Commits 2/data-withoutzipandc.dll
.dll windows x86

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData

kernel32

SetFilePointer
lstrlenA
PeekNamedPipe
AllocConsole
CreateProcessW
SetFilePointerEx
WaitForSingleObject
WriteFile
WideCharToMultiByte
Sleep
GetFileAttributesA
FileTimeToSystemTime
ReadFile
CreateFileW
MultiByteToWideChar
CreateDirectoryA
FindFirstFileW
FindFirstFileA
GetLastError
FindClose
GetLocalTime
CreatePipe
GetModuleFileNameA
FindNextFileA
GetFileTime
ReleaseMutex
CloseHandle
DeleteFileW
DeleteFileA
CreateThread
GetStringTypeW
CreateMutexW
GetFileSize
CreateFileA
GetComputerNameA
GetFileSizeEx
HeapSize
SetEnvironmentVariableA
CompareStringW
LCMapStringW
GetProcessHeap
SetEndOfFile
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
GetCPInfo
RaiseException
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetTimeZoneInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
LoadLibraryW
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW

user32

ShowWindow
wsprintfW
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

shell32

SHGetFolderPathA
CommandLineToArgvW
ShellExecuteW

oleaut32

SysFreeString
SysAllocStringLen

ws2_32

gethostbyname
closesocket
socket
recv
WSACleanup
htons
select
inet_addr
WSAStartup
inet_ntoa
connect
send

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APT 37 Previous Commits 2/db-fi.rar
.rar
APT 37 Previous Commits 2/dbins_secure (1).rar
.rar
APT 37 Previous Commits 2/dbins_secure.rar
.rar
APT 37 Previous Commits 2/email_1649225531086.rar
.rar
APT 37 Previous Commits 2/enkis.rar
.rar
APT 37 Previous Commits 2/final exam questions 2022 summer KED.rar
.rar
APT 37 Previous Commits 2/hi_security_mail.rar
.rar
APT 37 Previous Commits 2/issue.rar
.rar

Sharing

General

Malware Config

Signatures

Files

Password: infected

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

user32

advapi32

shell32

oleaut32

ws2_32

Sections

.text Size: 233KB - Virtual size: 233KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

1f0e18ed775ccc8e5756193f37aa1b7d

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

user32

advapi32

shell32

oleaut32

ws2_32

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 7KB

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

user32

advapi32

shell32

oleaut32

ws2_32

Sections

.text Size: 229KB - Virtual size: 229KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 233KB - Virtual size: 233KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 229KB - Virtual size: 229KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB