Static task
static1
General
Target: El regreso de Kaiba by Mrcarkkk.exe
Size: 2.0MB
MD5: 622f5ba77b7cd412fbb97c35c6fba320
SHA1: ea99dcd14482675c43fd9e5c350c1a86c3f48a9a
SHA256: a6b79ce08f00647c2ada5fd43bb80a15ee285a14c60f22d47dc6223f21a68d5b
SHA512: 8108762fed477a78426e25ce3257402124a5e904db0aab32e6b700275447903dc57775f1e02f59e785ecf82a4a7bcb70a7d25b651602bce4c0e3f5d47436db74
SSDEEP: 49152:hMIgeId4j8i+1tK4J3AS1mdFT5eRL5PYj60YH:hM9eIs8DtBAReRLJYjLYH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource El regreso de Kaiba by Mrcarkkk.exe
Files
El regreso de Kaiba by Mrcarkkk.exe.exe windows x86
73f4fd99b779a9c0fd608044a8c83822
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempFileNameA
GetTempPathA
GetCurrentDirectoryA
lstrcatA
lstrlenA
WriteFile
lstrcmpA
lstrcpyA
GetModuleHandleA
lstrcpynA
LocalFree
LocalUnlock
LocalLock
CreateMutexA
ReleaseMutex
GetModuleFileNameA
FindResourceA
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
IsBadWritePtr
DeleteFileA
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
CreateThread
ResumeThread
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
HeapFree
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
FindFirstFileA
FindNextFileA
FindClose
GetCurrentThreadId
CreateFileA
GetFileSize
ReadFile
SetFilePointer
GlobalFree
GlobalAlloc
GlobalSize
GlobalReAlloc
GetLastError
CreateEventA
InitializeCriticalSection
WaitForSingleObject
CloseHandle
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MulDiv
CreateDirectoryA
GetTickCount
Sleep
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
VirtualAlloc
SetEnvironmentVariableA
user32
ToAscii
CheckMenuItem
GetMenu
GetMenuState
DrawMenuBar
GetActiveWindow
SendMessageA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
PostMessageA
MapVirtualKeyA
wvsprintfA
ReleaseDC
GetDC
AdjustWindowRect
GetCursorPos
EndPaint
BeginPaint
OffsetRect
ClientToScreen
GetWindow
GetWindowRect
GetTopWindow
ScreenToClient
EnumWindows
GetKeyboardLayout
GetKeyboardState
SetRect
CallWindowProcA
wsprintfA
MessageBoxA
PostQuitMessage
GetWindowLongA
DefWindowProcA
ShowCursor
SetMenu
GetSystemMetrics
SetFocus
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetWindowLongA
DestroyWindow
SetWindowPos
IntersectRect
SetCursorPos
GetClientRect
WINNLSEnableIME
GetWindowThreadProcessId
ShowWindow
SetForegroundWindow
gdi32
GetSystemPaletteEntries
SetDIBitsToDevice
GetStockObject
GetTextExtentPoint32W
CreateFontA
SetBkMode
SetTextColor
GetDeviceCaps
DeleteDC
DeleteObject
CreateDIBSection
CreateCompatibleDC
SelectObject
TextOutW
SetBkColor
advapi32
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
winmm
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
joyGetPosEx
joyGetNumDevs
joyGetDevCapsA
joyGetPos
timeGetTime
msacm32
acmStreamClose
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamOpen
acmStreamSize
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 4.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ