imgpaper[.]png[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

imgpaper.png.7z
Size

315KB
MD5

4ad693318f8ef8d9be3f83af38a2db5e
SHA1

7e76d59e5568d90768d6fdadf3f6c7e9c48e7fb2
SHA256

92a6d5ada5afbd62236afb4269cb64f27ad9b26126e0ee4deb7aee058460fa20
SHA512

1e9c7535ac50f18b1de69b4448dca7a1f427b2152798fbfaf0ace17015d6c8fe65ad2a02ab36dc7a58da68070b13c1b0dfe277b0470061314121a291011a764d
SSDEEP

6144:304uXmwXeIjgYDm+EdggbqMvsVSeYKFFnm2E/W82nLzzV1opELYG2jvZ:304uWwQYDm+zgbdvnhonE2nLtGpEsG2j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/imgpaper.png

Files

imgpaper.png.7z
.7z

Password: infected
imgpaper.png
.exe windows x86

63d656bce327d52100cd4b1fdda09ce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
IsBadReadPtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
Sleep
GetProfileStringA
InterlockedExchange
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
TerminateProcess
RaiseException
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetCurrentDirectoryA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetProcessVersion
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CloseHandle
GetModuleFileNameA
GlobalAlloc
GetCurrentProcess
GetCurrentThread
lstrcmpA
LocalFree
SetLastError
MulDiv
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcpynA
GetFileAttributesA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
LockResource
GlobalFree
LoadLibraryExW
FindResourceA
LoadResource
SizeofResource
SetStdHandle

user32

IsZoomed
RedrawWindow
SetCursorPos
SetParent
AppendMenuA
DeleteMenu
GetSystemMenu
PostQuitMessage
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
GetSysColorBrush
GetClassNameA
CharUpperA
GetTabbedTextExtentA
SetTimer
KillTimer
WindowFromPoint
InvertRect
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
DestroyIcon
GetDesktopWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
IsRectEmpty
FindWindowA
GetCursorPos
InvalidateRect
FillRect
LoadCursorA
SetCursor
DestroyCursor
GetDC
ReleaseDC
wvsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
LoadIconA
SendDlgItemMessageA
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BringWindowToTop
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
EnableWindow
SetCapture
ReleaseCapture
GetNextDlgTabItem
EndDialog
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowRect
MapDialogRect
SetWindowPos
ShowWindow
PostMessageA
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
BeginDeferWindowPos
DestroyMenu
GetWindowLongA
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetParent
GetSystemMetrics
InflateRect
OffsetRect
SetRect
UpdateWindow
PtInRect
MapWindowPoints

gdi32

SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
CreateRectRgn
SelectObject
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetRectRgn
CombineRgn
CreateFontIndirectA
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
GetTextExtentPoint32A
GetBkColor
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
BitBlt
RestoreDC
SaveDC
LPtoDP
DeleteDC
CreateDCA
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
GetViewportOrgEx
GetStockObject
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
Ellipse
Rectangle
GetTextMetricsA
CreatePen
DPtoLP
CreateDIBitmap
GetTextExtentPointA
GetDeviceCaps

comdlg32

PrintDlgA
GetFileTitleA
CommDlgExtendedError
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueA
GetFileSecurityA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
SetFileSecurityA
RegCreateKeyA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
ExtractIconA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

63d656bce327d52100cd4b1fdda09ce5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 196KB - Virtual size: 193KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 196KB - Virtual size: 193KB