MagicZipPassRecovery_setup[.]exe

Resubmissions

06-05-2023 07:50

230506-jpc46agd89 7

Sharing

Copy URL

Twitter E-mail

General

Target

MagicZipPassRecovery_setup.exe
Size

5.2MB
MD5

74d0cf0c36c435f01b33dd4a53d66010
SHA1

391255e674658430613dccdc321fee50312a5990
SHA256

847ccefdc0d2f4a1fe87bdf3376ebeb5471b2117ad8ec95232e3d5b3e28efcca
SHA512

ed9a5446262b005586768c15de43fd9295969164e4fa8670b6d14da92e700a713e7dd2b9f5f4f8d269b53b32d01dd73db1f15b8c582b1ca75d8e61c7177adf40
SSDEEP

98304:UmpUN3ghOAuHJENj7nMFyNlD97mNgFQ5D3z2urxAQqRXEYxx8JVgSUAnj/xVZ:BpUGkfCnVDDU5DiuVAXRvj8JDBnj5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MagicZipPassRecovery_setup.exe

Files

MagicZipPassRecovery_setup.exe
.exe windows x86

53b9da5720877407518c17b160260da7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetModuleHandleA
InterlockedExchange
CompareStringA
LoadLibraryA
FreeLibrary
Sleep
WaitForSingleObject
MulDiv
CloseHandle
InterlockedIncrement
InterlockedDecrement
LoadResource
LockResource
SizeofResource
InterlockedCompareExchange
SetEnvironmentVariableA
GetProcessHeap
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetStringTypeA
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateFileA
LCMapStringA
VirtualAlloc
GetOEMCP
GetACP
QueryPerformanceCounter
VirtualFree
SetFilePointer
WriteFile
GetCurrentThreadId
FindResourceA
GetCommandLineW
GetCurrentProcessId
TlsGetValue
TlsSetValue
GetTickCount
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetLastError
ResumeThread
GetCurrentProcess
GetExitCodeProcess
LocalFree
ReadFile
GetModuleFileNameA
GetSystemInfo
GetSystemDefaultLCID
GetUserDefaultLCID
FindClose
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalUnlock
GlobalLock
GetVersionExA
GlobalDeleteAtom
FreeResource
GlobalAlloc
GlobalFree
SetThreadPriority
SetEvent
SuspendThread
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GlobalFlags
LocalAlloc
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
LocalReAlloc
TlsFree
lstrlenA
FlushFileBuffers
SetEndOfFile
SetErrorMode
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
RaiseException
RtlUnwind
ExitProcess
GetConsoleCP
GetConsoleMode
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
HeapSize
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate

user32

AdjustWindowRectEx
GetMenuItemCount
GetMenuItemID
IsWindowVisible
SetForegroundWindow
SetMenu
GetKeyState
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
SetFocus
GetWindowPlacement
SendDlgItemMessageA
MoveWindow
ShowWindow
IsWindowEnabled
CheckMenuItem
EnableMenuItem
GetMenuState
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
WindowFromPoint
ValidateRect
GetActiveWindow
TranslateMessage
InflateRect
GetDesktopWindow
DestroyMenu
GetSysColorBrush
GetWindow
GetSubMenu
EndPaint
BeginPaint
ClientToScreen
ScreenToClient
ExitWindowsEx
CopyRect
PostQuitMessage
GetCursorPos
GetFocus
IsRectEmpty
GetClientRect
InvalidateRect
FillRect
DrawFocusRect
GetDC
ReleaseDC
IsIconic
UnhookWindowsHookEx
EndDialog
ReleaseCapture
IsWindow
RedrawWindow
SetTimer
GetSysColor
OffsetRect
KillTimer
GetParent
PtInRect
SetCapture
SetWindowPlacement
GetDlgCtrlID
GetMenu
SetWindowPos
GetWindowThreadProcessId
SystemParametersInfoA
CallNextHookEx
GetNextDlgTabItem
GetWindowRect
SetCursor
SetRect
UpdateWindow
DrawIcon
GetSystemMetrics
GetCapture

gdi32

SetBkMode
SetBkColor
GetStockObject
CreateBitmap
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
GetCurrentObject
SetPixel
BitBlt
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
CreateSolidBrush
Rectangle
RestoreDC
SaveDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
DeleteObject
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor

shell32

SHGetFolderPathW
ord680
SHGetMalloc

comctl32

_TrackMouseEvent
ord17

shlwapi

PathCombineW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CoCreateGuid
StringFromGUID2
IIDFromString
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

urlmon

URLDownloadToFileW

advapi32

OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
FreeSid
GetTokenInformation
DuplicateToken
CheckTokenMembership
AllocateAndInitializeSid
RegCloseKey

winspool.drv

ClosePrinter

msi

ord45
ord205
ord70

Sections

.text
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

53b9da5720877407518c17b160260da7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

shlwapi

ole32

oleaut32

urlmon

advapi32

winspool.drv

msi

Sections

.text Size: 524KB - Virtual size: 523KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 18KB - Virtual size: 34KB

.rsrc Size: 4.5MB - Virtual size: 4.5MB

.text
Size: 524KB - Virtual size: 523KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 18KB - Virtual size: 34KB

.rsrc
Size: 4.5MB - Virtual size: 4.5MB