Malware-1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Malware-1.zip
Size

206KB
MD5

ab88b814206587af694cbf437788ed12
SHA1

f0aa3bb012eb13f03c4ad132edcf9b3faf501a90
SHA256

eeec0543efb5310b5215890e89ebf9f3b2962a8e35ebeca50ccc88ad993febb4
SHA512

84b23d4311625c6768e4733106fd2d122a909c5de08d4f6e0c4b6bb9ba6d4ad949f14ea15cb05f66869d9ad515b68ff7f9c260915e4f37f665f60bc27f44aa32
SSDEEP

3072:LOmdYjoFxzPzWOgh7wmVidZQPay45aaka7KFcxLTyPxYYiyfA5yI6:2whPEUmViIS1oax7KFy/yZI5yI6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/geniuskb.dll

Files

Malware-1.zip
.zip
RunDLL-1.bat
geniuskb.dll
.dll windows x64

5fffeda02919d6aa1f77a0a9fd2c681a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
GetFileSizeEx
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MapViewOfFile
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

Exports

Exports

togL10fromY
togL10toY
togL16fromY
togL16toY
togLuv24fromXYZ
togLuv24toXYZ
togLuv32fromXYZ
togLuv32toXYZ
tIFFAccessTagMethods
tIFFCIELabToRGBInit
tIFFCIELabToXYZ
tIFFCheckTile
tIFFCheckpointDirectory
tIFFCleanup
tIFFClientOpen
tIFFClientdata
tIFFClose
tIFFComputeStrip
tIFFComputeTile
tIFFCreateCustomDirectory
tIFFCreateDirectory
tIFFCreateEXIFDirectory
tIFFCreateGPSDirectory
tIFFCurrentDirOffset
tIFFCurrentDirectory
tIFFCurrentRow
tIFFCurrentStrip
tIFFCurrentTile
tIFFDataWidth
tIFFDefaultDirectory
tIFFDefaultStripSize
tIFFDefaultTileSize
tIFFDeferStrileArrayWriting
tIFFError
tIFFErrorExt
tIFFFaxBlackCodes
tIFFFaxBlackTable
tIFFFaxMainTable
tIFFFaxWhiteCodes
tIFFFaxWhiteTable
tIFFFdOpen
tIFFFieldDataType
tIFFFieldName
tIFFFieldPassCount
tIFFFieldReadCount
tIFFFieldTag
tIFFFieldWithName
tIFFFieldWithTag
tIFFFieldWriteCount
tIFFFileName
tIFFFileno
tIFFFillStrip
tIFFFillTile
tIFFFindCODEC
tIFFFindField
tIFFFlush
tIFFFlushData
tIFFFlushData1
tIFFForceStrileArrayWriting
tIFFFreeDirectory
tIFFGetBitRevTable
tIFFGetClientInfo
tIFFGetCloseProc
tIFFGetConfiguredCODECs
tIFFGetField
tIFFGetFieldDefaulted
tIFFGetMapFileProc
tIFFGetMode
tIFFGetReadProc
tIFFGetSeekProc
tIFFGetSizeProc
tIFFGetStrileByteCount
tIFFGetStrileByteCountWithErr
tIFFGetStrileOffset
tIFFGetStrileOffsetWithErr
tIFFGetTagListCount
tIFFGetTagListEntry
tIFFGetUnmapFileProc
tIFFGetVersion
tIFFGetWriteProc
tIFFInitCCITTFax3
tIFFInitCCITTFax4
tIFFInitCCITTRLE
tIFFInitCCITTRLEW
tIFFInitDumpMode
tIFFInitJBIG
tIFFInitJPEG
tIFFInitLERC
tIFFInitLZMA
tIFFInitLZW
tIFFInitNeXT
tIFFInitOJPEG
tIFFInitPackBits
tIFFInitPixarLog
tIFFInitSGILog
tIFFInitThunderScan
tIFFInitWebP
tIFFInitZIP
tIFFInitZSTD
tIFFIsBigEndian
tIFFIsByteSwapped
tIFFIsCODECConfigured
tIFFIsMSB2LSB
tIFFIsTiled
tIFFIsUpSampled
tIFFJPEGIsFullStripRequired
tIFFLastDirectory
tIFFMergeFieldInfo
tIFFNumberOfDirectories
tIFFNumberOfStrips
tIFFNumberOfTiles
tIFFOpen
tIFFOpenW
tIFFPredictorCleanup
tIFFPredictorInit
tIFFPrintDirectory
tIFFRGBAImageBegin
tIFFRGBAImageEnd
tIFFRGBAImageGet
tIFFRGBAImageOK
tIFFRasterScanlineSize
tIFFRasterScanlineSize64
tIFFRawStripSize
tIFFRawStripSize64
tIFFReadBufferSetup
tIFFReadCustomDirectory
tIFFReadDirectory
tIFFReadEXIFDirectory
tIFFReadEncodedStrip
tIFFReadEncodedTile
tIFFReadFromUserBuffer
tIFFReadGPSDirectory
tIFFReadRGBAImage
tIFFReadRGBAImageOriented
tIFFReadRGBAStrip
tIFFReadRGBAStripExt
tIFFReadRGBATile
tIFFReadRGBATileExt
tIFFReadRawStrip
tIFFReadRawTile
tIFFReadScanline
tIFFReadTile
tIFFRegisterCODEC
tIFFReverseBits
tIFFRewriteDirectory
tIFFScanlineSize
tIFFScanlineSize64
tIFFSetClientInfo
tIFFSetClientdata
tIFFSetCompressionScheme
tIFFSetDirectory
tIFFSetErrorHandler
tIFFSetErrorHandlerExt
tIFFSetField
tIFFSetFileName
tIFFSetFileno
tIFFSetMode
tIFFSetSubDirectory
tIFFSetTagExtender
tIFFSetWarningHandler
tIFFSetWarningHandlerExt
tIFFSetWriteOffset
tIFFSetupStrips
tIFFStripSize
tIFFStripSize64
tIFFSwabArrayOfDouble
tIFFSwabArrayOfFloat
tIFFSwabArrayOfLong
tIFFSwabArrayOfLong8
tIFFSwabArrayOfShort
tIFFSwabArrayOfTriples
tIFFSwabDouble
tIFFSwabFloat
tIFFSwabLong
tIFFSwabLong8
tIFFSwabShort
tIFFTileRowSize
tIFFTileRowSize64
tIFFTileSize
tIFFTileSize64
tIFFUnRegisterCODEC
tIFFUnlinkDirectory
tIFFUnsetField
tIFFVGetField
tIFFVGetFieldDefaulted
tIFFVSetField
tIFFVStripSize
tIFFVStripSize64
tIFFVTileSize
tIFFVTileSize64
tIFFWarning
tIFFWarningExt
tIFFWriteBufferSetup
tIFFWriteCheck
tIFFWriteCustomDirectory
tIFFWriteDirectory
tIFFWriteEncodedStrip
tIFFWriteEncodedTile
tIFFWriteRawStrip
tIFFWriteRawTile
tIFFWriteScanline
tIFFWriteTile
tIFFXYZToRGB
tIFFYCbCrToRGBInit
tIFFYCbCrtoRGB
tYZtoRGB24
tTIFFBuiltinCODECS
tTIFFCastUInt64ToSSize
tTIFFCheckFieldIsValidForCodec
tTIFFCheckMalloc
tTIFFCheckRealloc
tTIFFClampDoubleToFloat
tTIFFCreateAnonField
tTIFFDataSize
tTIFFDefaultStripSize
tTIFFDefaultTileSize
tTIFFFax3fillruns
tTIFFFillStriles
tTIFFFindOrRegisterField
tTIFFGetExifFields
tTIFFGetFields
tTIFFGetGpsFields
tTIFFMergeFields
tTIFFMultiply32
tTIFFMultiply64
tTIFFMultiplySSize
tTIFFNoPostDecode
tTIFFNoPreCode
tTIFFNoRowDecode
tTIFFNoRowEncode
tTIFFNoSeek
tTIFFNoStripDecode
tTIFFNoStripEncode
tTIFFNoTileDecode
tTIFFNoTileEncode
tTIFFPrintFieldInfo
tTIFFReadEncodedStripAndAllocBuffer
tTIFFReadEncodedTileAndAllocBuffer
tTIFFReadTileAndAllocBuffer
tTIFFRewriteField
tTIFFSeekOK
tTIFFSetDefaultCompressionState
tTIFFSetGetFieldSize
tTIFFSetupFields
tTIFFSwab16BitData
tTIFFSwab24BitData
tTIFFSwab32BitData
tTIFFSwab64BitData
tTIFFUInt64ToDouble
tTIFFUInt64ToFloat
tTIFFcalloc
tTIFFerrorHandler
tTIFFerrorHandlerExt
tTIFFfree
tTIFFgetMode
tTIFFmalloc
tTIFFmemcmp
tTIFFmemcpy
tTIFFmemset
tTIFFprintAscii
tTIFFprintAsciiTag
tTIFFrealloc
tTIFFsetByteArray
tTIFFsetDoubleArray
tTIFFsetFloatArray
tTIFFsetLongArray
tTIFFsetShortArray
tTIFFsetString
tTIFFwarningHandler
tTIFFwarningHandlerExt
tv_decode
vcab

Sections

.text
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fffeda02919d6aa1f77a0a9fd2c681a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 310KB - Virtual size: 310KB

.data Size: 512B - Virtual size: 224B

.rdata Size: 173KB - Virtual size: 173KB

.pdata Size: 9KB - Virtual size: 9KB

.xdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 3KB

.edata Size: 7KB - Virtual size: 7KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 310KB - Virtual size: 310KB

.data
Size: 512B - Virtual size: 224B

.rdata
Size: 173KB - Virtual size: 173KB

.pdata
Size: 9KB - Virtual size: 9KB

.xdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 7KB - Virtual size: 7KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 20KB - Virtual size: 16KB