57a896e7f018f872e9e682920b0627682c329ecd820fbd5695b95e695202907e[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

57a896e7f018f872e9e682920b0627682c329ecd820fbd5695b95e695202907e.7z
Size

222KB
MD5

53eda974a639908b1671a95c7dad8cfe
SHA1

2167a4bef96de8d5a65214b18dd1414a2bbbf435
SHA256

80270ca81f3c0c7591634b8ec6c7d89fe9180b66716ebb05880859f6a08b6d68
SHA512

626c5fe2f3f1e551fa83a67ac687b302e11d966b9bc477a4da72a091332f301f799463f7d98020f62c8c3960016fadc3b21845fdd9fe06e1140fa66b74b99962
SSDEEP

3072:uxBeUZPKlJCNfXYxOen9cSRNgLD3+zcfSJM9KbdfyP0u7YzZQk9e+RKXMm98pYZX:YAYyJCNfXtetRN7cf4/UnRSFu3ZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/57a896e7f018f872e9e682920b0627682c329ecd820fbd5695b95e695202907e

Files

57a896e7f018f872e9e682920b0627682c329ecd820fbd5695b95e695202907e.7z
.7z

Password: infected
57a896e7f018f872e9e682920b0627682c329ecd820fbd5695b95e695202907e
.exe windows x86

Password: infected

1fe125899eb4d757f2610e6629b757ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
ord6
ord17
ImageList_Create
CreateToolbarEx

winmm

timeSetEvent
PlaySoundA
timeGetTime
timeKillEvent

kernel32

MoveFileA
CreateDirectoryA
GetVersionExA
MulDiv
GetStdHandle
AllocConsole
WriteConsoleA
OutputDebugStringA
GetComputerNameA
SearchPathA
GlobalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreA
SetThreadPriority
TlsSetValue
GetCurrentThreadId
DuplicateHandle
GetCurrentThread
GetCurrentProcess
TlsAlloc
TlsGetValue
GetSystemTime
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
ReadFile
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentDirectoryA
InterlockedIncrement
InterlockedDecrement
HeapSize
SetHandleCount
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetUnhandledExceptionFilter
FatalAppExitA
SetLastError
TlsFree
ExitThread
GetVersion
GetCommandLineA
GetStartupInfoA
TerminateProcess
ExitProcess
GetFullPathNameA
GetFileAttributesA
HeapAlloc
GetFileType
SetStdHandle
GetLocalTime
GetTimeZoneInformation
HeapFree
RaiseException
RtlUnwind
QueryPerformanceCounter
QueryPerformanceFrequency
GetFileTime
SetEndOfFile
FlushFileBuffers
SystemTimeToFileTime
SetFileTime
SetFilePointer
WriteFile
CreateFileA
GetLogicalDriveStringsA
GetDriveTypeA
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
GetModuleFileNameA
FindFirstFileA
FindNextFileA
FindClose
WideCharToMultiByte
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
FormatMessageA
GetSystemTimeAsFileTime
LocalFree
Beep
Sleep
SetEvent
CloseHandle
WaitForSingleObject
CreateThread
ResumeThread
CreateEventA
GetModuleHandleA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
GetLocaleInfoW
GetCPInfo

user32

SetWindowsHookExA
GetWindowThreadProcessId
UnhookWindowsHookEx
CallNextHookEx
GetScrollInfo
IsDlgButtonChecked
GetMessageA
LoadKeyboardLayoutA
LoadBitmapA
GetMenuStringA
ModifyMenuA
PtInRect
GetDesktopWindow
SetWindowRgn
OpenDesktopA
EnumDesktopWindows
CloseDesktop
FindWindowA
GetClassNameA
DestroyIcon
EnableWindow
GetWindowTextA
GetMenuItemCount
RemoveMenu
SendDlgItemMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyMenu
GetKeyboardState
GetMenuItemID
SetMenuDefaultItem
TrackPopupMenu
LoadStringA
RegisterClassExA
LoadMenuA
GetCursorPos
SetCursorPos
GetSystemMetrics
RedrawWindow
EmptyClipboard
SetClipboardData
GetClipboardOwner
OpenClipboard
GetClipboardData
LoadImageA
IsRectEmpty
DialogBoxParamA
SetDlgItemTextA
CloseClipboard
BeginPaint
EndPaint
GetForegroundWindow
GetWindow
GetFocus
SetCursor
IsWindow
DefWindowProcA
ChangeClipboardChain
ShowScrollBar
ToAscii
GetKeyState
GetSubMenu
FillRect
SetForegroundWindow
EndDialog
CreateAcceleratorTableA
TranslateAcceleratorA
DestroyAcceleratorTable
SetWindowLongA
GetParent
GetDlgItemTextA
GetWindowLongA
RegisterWindowMessageA
ShowWindow
CreateWindowExA
SendMessageA
GetClientRect
ReleaseDC
GetDC
RegisterClassA
LoadCursorA
LoadIconA
PostQuitMessage
GetDlgItemInt
SetFocus
KillTimer
GetWindowRect
GetDlgItem
SetTimer
EnableMenuItem
wsprintfA
IsIconic
InvalidateRgn
PostMessageA
GetKeyboardLayoutNameA
SetScrollInfo
ScrollWindowEx
DestroyWindow
DrawTextA
InvalidateRect
SystemParametersInfoA
SetRect
AdjustWindowRectEx
SetWindowPos
MoveWindow
SetWindowTextA
UpdateWindow
SetDlgItemInt
MessageBoxA
GetSystemMenu
AppendMenuA
DrawMenuBar
CheckMenuItem
SetClipboardViewer

gdi32

CreateCompatibleBitmap
ExtTextOutA
RealizePalette
SelectPalette
SetDIBColorTable
CreateDIBSection
CombineRgn
CreateRectRgn
GetStockObject
SetBkColor
StretchBlt
SetBrushOrgEx
SetStretchBltMode
SetPixelV
CreateRectRgnIndirect
CreateFontIndirectA
GdiFlush
SetBkMode
Rectangle
CreateFontA
CreatePolygonRgn
LineTo
MoveToEx
CreatePen
SetTextColor
GetDeviceCaps
CreatePalette
GetClipBox
CreateCompatibleDC
CreateSolidBrush
SelectObject
PatBlt
BitBlt
DeleteObject
UpdateColors
DeleteDC

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

advapi32

RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegOpenKeyA
RegSetValueA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey

shell32

SHGetPathFromIDListA
Shell_NotifyIconA
SHGetSpecialFolderLocation

wsock32

recv
bind
listen
WSAAsyncSelect
send
shutdown
closesocket
inet_ntoa
ioctlsocket
gethostbyname
htons
connect
getpeername
select
WSAGetLastError
accept
WSACleanup
WSAStartup
socket
setsockopt

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1fe125899eb4d757f2610e6629b757ed

Headers

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

wsock32

Sections

.text Size: 436KB - Virtual size: 435KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 48KB - Virtual size: 73KB

.idata Size: 12KB - Virtual size: 10KB

.rsrc Size: 176KB - Virtual size: 172KB

.reloc Size: 20KB - Virtual size: 18KB

.text
Size: 436KB - Virtual size: 435KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 48KB - Virtual size: 73KB

.idata
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 176KB - Virtual size: 172KB

.reloc
Size: 20KB - Virtual size: 18KB