xdeltaUI[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

xdeltaUI.zip
Size

250KB
MD5

75df280de6cf6e81032084008c36190e
SHA1

6f6ae8cce69413ae964c4d5339197021a505cb67
SHA256

5b7450a02e7bfa9ea0ea647f75f35b7833595ee5ca977fc3e628e27681cdc1ec
SHA512

b940a124d89e6bcce7306f4eb408cb1b3b91673bfde7528b9baf49169f1fb80f796110ab0b67ed404d7d290bab2abab09cd2e999fd03905e550c1e8e23665ee0
SSDEEP

6144:53Axdbh1ON1KvwTgRDdxNSJCsiWDnTK2r7yoDR:53IMN1H4SAspDNiaR

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xdelta.exe
unpack001/xdeltaUI.exe

Files

xdeltaUI.zip
.zip
readme.txt
xdelta.exe
.exe windows x64

1a7952da73c98b9ff5260c1df912f8d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
ReadFile
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetFilePointerEx
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WriteFile

msvcrt

__C_specific_handler
__dllonexit
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_lock
_onexit
_snprintf
_stat64
_unlock
_vsnprintf
abort
calloc
exit
fclose
fflush
fopen
fprintf
fread
free
fwrite
getenv
islower
isspace
isupper
malloc
memcmp
memcpy
memmove
memset
setvbuf
signal
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strtol
system
vfprintf
_unlink
_getpid

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xdeltaUI.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a7952da73c98b9ff5260c1df912f8d9

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 262KB - Virtual size: 261KB

.data Size: 1024B - Virtual size: 704B

.rdata Size: 48KB - Virtual size: 48KB

.pdata Size: 9KB - Virtual size: 8KB

.xdata Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 46KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 104B

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 119KB - Virtual size: 118KB

/31 Size: 8KB - Virtual size: 8KB

/45 Size: 27KB - Virtual size: 27KB

/57 Size: 17KB - Virtual size: 17KB

/70 Size: 2KB - Virtual size: 1KB

/81 Size: 13KB - Virtual size: 12KB

/92 Size: 2KB - Virtual size: 1KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 44KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 262KB - Virtual size: 261KB

.data
Size: 1024B - Virtual size: 704B

.rdata
Size: 48KB - Virtual size: 48KB

.pdata
Size: 9KB - Virtual size: 8KB

.xdata
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 46KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 104B

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 119KB - Virtual size: 118KB

/31
Size: 8KB - Virtual size: 8KB

/45
Size: 27KB - Virtual size: 27KB

/57
Size: 17KB - Virtual size: 17KB

/70
Size: 2KB - Virtual size: 1KB

/81
Size: 13KB - Virtual size: 12KB

/92
Size: 2KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 12B