ShellterPro[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

ShellterPro.rar
Size

1.0MB
MD5

ac41312f19250d7e5eced078880c4171
SHA1

c36c9799eed897360802ad7251cb10b488e12fc7
SHA256

f98128eb4a081335c57c6d4dea666e2bbccafb6772d5844122cb9d4f5ec28700
SHA512

03dd56ba3253c22383c0ad585f794b939622b0046535e4dc4a8779d5a39a060acbfd372fba9d9327a53fb2aa6a9dc2bf60354130c536059e6a923b9e9a4b8759
SSDEEP

24576:BBB5ydlu/dwx29evgyWHXOUp45u9SKKMYVOe:BBB5ydl5x28vgJXLF9eMYL

Score

1^/10

Malware Config

Signatures

Files

ShellterPro.rar
.rar
ShellterPro/ShellterPro-org.exe
.exe windows x86

42c5302f61d05e539ea08edb56aa518b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
CreateDirectoryA
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
ReadProcessMemory
FreeLibrary
UnmapViewOfFile
SetFileAttributesA
CreateFileMappingW
MapViewOfFile
IsBadCodePtr
SetConsoleTextAttribute
GetStdHandle
TerminateProcess
WaitForSingleObject
DebugActiveProcessStop
CopyFileA
CreateProcessA
GetExitCodeProcess
FormatMessageA
GetTickCount
WaitForDebugEvent
DeleteFileA
ResumeThread
ContinueDebugEvent
SetConsoleCtrlHandler
GetCommandLineA
Sleep
CreateThread
LocalFree
WriteProcessMemory
GetThreadContext
SetThreadContext
GetConsoleScreenBufferInfo
SetConsoleTitleA
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetVersion
GetConsoleWindow
Thread32Next
Thread32First
CreateToolhelp32Snapshot
OpenThread
OpenEventA
HeapSize
WriteConsoleW
HeapReAlloc
SetFilePointerEx
CreateFileA
GetLastError
SetFilePointer
WriteFile
SuspendThread
ReadFile
ReadConsoleW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
CreateFileW
GetConsoleMode
GetConsoleCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetCommandLineW
GetACP
HeapAlloc
HeapFree
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers

user32

GetWindowRect
SetWindowPos
GetDesktopWindow

advapi32

CryptGenRandom
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CryptAcquireContextA

shlwapi

PathFindFileNameA

imagehlp

ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData
MapAndLoad
MapFileAndCheckSumA
UnMapAndLoad
ImageRvaToSection

wininet

InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetCloseHandle

ws2_32

htons
inet_addr
WSACleanup
WSAStartup

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ShellterPro/ShellterPro.exe
.exe windows x86

42c5302f61d05e539ea08edb56aa518b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetFileSize
CreateDirectoryA
GetCurrentProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
ReadProcessMemory
FreeLibrary
UnmapViewOfFile
SetFileAttributesA
CreateFileMappingW
MapViewOfFile
IsBadCodePtr
SetConsoleTextAttribute
GetStdHandle
TerminateProcess
WaitForSingleObject
DebugActiveProcessStop
CopyFileA
CreateProcessA
GetExitCodeProcess
FormatMessageA
GetTickCount
WaitForDebugEvent
DeleteFileA
ResumeThread
ContinueDebugEvent
SetConsoleCtrlHandler
GetCommandLineA
Sleep
CreateThread
LocalFree
WriteProcessMemory
GetThreadContext
SetThreadContext
GetConsoleScreenBufferInfo
SetConsoleTitleA
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetVersion
GetConsoleWindow
Thread32Next
Thread32First
CreateToolhelp32Snapshot
OpenThread
OpenEventA
HeapSize
WriteConsoleW
HeapReAlloc
SetFilePointerEx
CreateFileA
GetLastError
SetFilePointer
WriteFile
SuspendThread
ReadFile
ReadConsoleW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
CreateFileW
GetConsoleMode
GetConsoleCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetCommandLineW
GetACP
HeapAlloc
HeapFree
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers

user32

GetWindowRect
SetWindowPos
GetDesktopWindow

advapi32

CryptGenRandom
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CryptAcquireContextA

shlwapi

PathFindFileNameA

imagehlp

ImageNtHeader
ImageRvaToVa
ImageDirectoryEntryToData
MapAndLoad
MapFileAndCheckSumA
UnMapAndLoad
ImageRvaToSection

wininet

InternetOpenUrlW
InternetOpenW
InternetReadFile
InternetCloseHandle

ws2_32

htons
inet_addr
WSACleanup
WSAStartup

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ShellterPro/ShellterPro.sig
ShellterPro/ShellterPro_SHA256.txt
ShellterPro/docs/ReadThisFirst!.txt
ShellterPro/docs/Shellter_Basic_Features.pdf
.pdf
ShellterPro/docs/Shellter_Pro_Exclusive_Features.pdf
.pdf
ShellterPro/docs/credits.txt
ShellterPro/docs/faq.txt
ShellterPro/docs/version_history.pdf
.pdf
ShellterPro/license.dat
ShellterPro/licenses/BeaEngine_License.pdf
.pdf
ShellterPro/licenses/BeaEngine_License.png
.png
ShellterPro/licenses/BeaEngine_License.txt
ShellterPro/licenses/Portable_C++_Hashing_Library_License.pdf
.pdf
ShellterPro/licenses/Portable_C++_Hashing_Library_License.png
.png
ShellterPro/licenses/Portable_C++_Hashing_Library_License.txt
ShellterPro/licenses/ShellterPro_License.pdf
.pdf
ShellterPro/licenses/ShellterPro_License.txt
ShellterPro/openssl_pub/public_key.pem
ShellterPro/readme.txt
ShellterPro/verify_sign.txt

Sharing

General

Malware Config

Signatures

Files

42c5302f61d05e539ea08edb56aa518b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

imagehlp

wininet

ws2_32

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 260KB - Virtual size: 263KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 23KB - Virtual size: 22KB

42c5302f61d05e539ea08edb56aa518b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

imagehlp

wininet

ws2_32

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 260KB - Virtual size: 263KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 260KB - Virtual size: 263KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 23KB - Virtual size: 22KB

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 260KB - Virtual size: 263KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 23KB - Virtual size: 22KB