ursnif_7d31dc2713182ca4bec144624604019a98e42e31231ee38c1f51915f0ac23909[.]zip

Resubmissions

14/07/2023, 19:01

230714-xpd84sgg31 7

14/07/2023, 19:00

230714-xnwrrsgg3y 3

13/07/2023, 09:14

230713-k7rwpsga47 3

12/07/2023, 12:32

230712-pqxg3seb4x 3

Sharing

Copy URL

Twitter E-mail

General

Target

ursnif_7d31dc2713182ca4bec144624604019a98e42e31231ee38c1f51915f0ac23909.zip
Size

1.1MB
MD5

b4d7c96eeff3adfd599752ef0fd6a2ae
SHA1

73e326a83efd9182ccc4fde86f2ee4c7576d076d
SHA256

40d516c45b76eef691b2780d2de112e7037e5d0091af28260af29186f6c3d20e
SHA512

e5682892d7aab1490b10cf51aa8feb42f5ffbda98ff5dd0bb0322952d4c6037c381f4f350a32b6b6f09ba92a2c48b71537b7ac0fa909b940e4a969b7aa337845
SSDEEP

24576:q5oB8vjBoTZYA9CC6HM9ouWGL2MO7/X3VrQlMUHyGaqR:qoBwN4DGHMquWk27DnViyLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PhysX3_x64.dll

Files

ursnif_7d31dc2713182ca4bec144624604019a98e42e31231ee38c1f51915f0ac23909.zip
.zip

Password: infected
7d31dc2713182ca4bec144624604019a98e42e31231ee38c1f51915f0ac23909.zip
.zip

Password: infected
PhysX3_x64.dll
.dll windows x64

Password: infected

d8cf501f2ead6a968abf3df1e5f5d366

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MapViewOfFile
GetLastError
CreateFileMappingA
GetCurrentProcessId
GetVersionExA
CloseHandle
UnmapViewOfFile
LoadLibraryA
GetProcAddress
GetModuleHandleA
DecodePointer
EncodePointer
HeapAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
GetModuleHandleW
ExitProcess
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
Sleep
HeapSize
RtlUnwindEx
RaiseException
RtlPcToFileHeader
FlsGetValue
FlsFree
SetLastError
GetCurrentThread
FlsAlloc
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
LoadLibraryW
FreeLibrary
HeapReAlloc
SetStdHandle
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
FlushFileBuffers
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LocalAlloc
LocalFree

Exports

Exports

??0NbBroadPhaseAddsProperty@physx@@QEAA@XZ
??0NbBroadPhaseRemovesProperty@physx@@QEAA@XZ
??0NbCCDPairsProperty@physx@@QEAA@XZ
??0NbDiscreteContactPairsProperty@physx@@QEAA@XZ
??0NbModifiedContactPairsProperty@physx@@QEAA@XZ
??0NbShapesProperty@physx@@QEAA@XZ
??0NbTriggerPairsProperty@physx@@QEAA@XZ
??0ProjectionPlaneProperty@physx@@QEAA@XZ
??0PxActorGeneratedInfo@physx@@QEAA@XZ
??0PxActorGeneratedValues@physx@@QEAA@PEBVPxActor@1@@Z
??0PxAggregateGeneratedInfo@physx@@QEAA@XZ
??0PxAggregateGeneratedValues@physx@@QEAA@PEBVPxAggregate@1@@Z
??0PxArticulationGeneratedInfo@physx@@QEAA@XZ
??0PxArticulationGeneratedValues@physx@@QEAA@PEBVPxArticulation@1@@Z
??0PxArticulationJointGeneratedInfo@physx@@QEAA@XZ
??0PxArticulationJointGeneratedValues@physx@@QEAA@PEBVPxArticulationJoint@1@@Z
??0PxArticulationLinkGeneratedInfo@physx@@QEAA@XZ
??0PxArticulationLinkGeneratedValues@physx@@QEAA@PEBVPxArticulationLink@1@@Z
??0PxBoxGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxBoxGeometryGeneratedValues@physx@@QEAA@PEBVPxBoxGeometry@1@@Z
??0PxCapsuleGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxCapsuleGeometryGeneratedValues@physx@@QEAA@PEBVPxCapsuleGeometry@1@@Z
??0PxClothFabricGeneratedInfo@physx@@QEAA@XZ
??0PxClothFabricGeneratedValues@physx@@QEAA@PEBVPxClothFabric@1@@Z
??0PxClothFabricPhaseGeneratedInfo@physx@@QEAA@XZ
??0PxClothFabricPhaseGeneratedValues@physx@@QEAA@PEBUPxClothFabricPhase@1@@Z
??0PxClothGeneratedInfo@physx@@QEAA@XZ
??0PxClothGeneratedValues@physx@@QEAA@PEBVPxCloth@1@@Z
??0PxClothMotionConstraintConfigGeneratedInfo@physx@@QEAA@XZ
??0PxClothMotionConstraintConfigGeneratedValues@physx@@QEAA@PEBUPxClothMotionConstraintConfig@1@@Z
??0PxClothParticleDataGeneratedInfo@physx@@QEAA@XZ
??0PxClothParticleDataGeneratedValues@physx@@QEAA@PEBVPxClothParticleData@1@@Z
??0PxClothParticleGeneratedInfo@physx@@QEAA@XZ
??0PxClothParticleGeneratedValues@physx@@QEAA@PEBUPxClothParticle@1@@Z
??0PxClothStretchConfigGeneratedInfo@physx@@QEAA@XZ
??0PxClothStretchConfigGeneratedValues@physx@@QEAA@PEBUPxClothStretchConfig@1@@Z
??0PxClothTetherConfigGeneratedInfo@physx@@QEAA@XZ
??0PxClothTetherConfigGeneratedValues@physx@@QEAA@PEBUPxClothTetherConfig@1@@Z
??0PxConstraintGeneratedInfo@physx@@QEAA@XZ
??0PxConstraintGeneratedValues@physx@@QEAA@PEBVPxConstraint@1@@Z
??0PxConvexMeshGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxConvexMeshGeometryGeneratedValues@physx@@QEAA@PEBVPxConvexMeshGeometry@1@@Z
??0PxGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxGeometryGeneratedValues@physx@@QEAA@PEBVPxGeometry@1@@Z
??0PxHeightFieldDescGeneratedInfo@physx@@QEAA@XZ
??0PxHeightFieldDescGeneratedValues@physx@@QEAA@PEBVPxHeightFieldDesc@1@@Z
??0PxHeightFieldGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxHeightFieldGeometryGeneratedValues@physx@@QEAA@PEBVPxHeightFieldGeometry@1@@Z
??0PxLockedDataGeneratedInfo@physx@@QEAA@XZ
??0PxLockedDataGeneratedValues@physx@@QEAA@PEBVPxLockedData@1@@Z
??0PxMaterialGeneratedInfo@physx@@QEAA@XZ
??0PxMaterialGeneratedValues@physx@@QEAA@PEBVPxMaterial@1@@Z
??0PxMeshScaleGeneratedInfo@physx@@QEAA@XZ
??0PxMeshScaleGeneratedValues@physx@@QEAA@PEBVPxMeshScale@1@@Z
??0PxParticleBaseGeneratedInfo@physx@@QEAA@XZ
??0PxParticleBaseGeneratedValues@physx@@QEAA@PEBVPxParticleBase@1@@Z
??0PxParticleFluidGeneratedInfo@physx@@QEAA@XZ
??0PxParticleFluidGeneratedValues@physx@@QEAA@PEBVPxParticleFluid@1@@Z
??0PxParticleReadDataGeneratedInfo@physx@@QEAA@XZ
??0PxParticleReadDataGeneratedValues@physx@@QEAA@PEBVPxParticleReadData@1@@Z
??0PxParticleSystemGeneratedInfo@physx@@QEAA@XZ
??0PxParticleSystemGeneratedValues@physx@@QEAA@PEBVPxParticleSystem@1@@Z
??0PxPhysicsGeneratedInfo@physx@@QEAA@XZ
??0PxPhysicsGeneratedValues@physx@@QEAA@PEBVPxPhysics@1@@Z
??0PxPlaneGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxPlaneGeometryGeneratedValues@physx@@QEAA@PEBVPxPlaneGeometry@1@@Z
??0PxRigidActorGeneratedInfo@physx@@QEAA@XZ
??0PxRigidActorGeneratedValues@physx@@QEAA@PEBVPxRigidActor@1@@Z
??0PxRigidBodyGeneratedInfo@physx@@QEAA@XZ
??0PxRigidBodyGeneratedValues@physx@@QEAA@PEBVPxRigidBody@1@@Z
??0PxRigidDynamicGeneratedInfo@physx@@QEAA@XZ
??0PxRigidDynamicGeneratedValues@physx@@QEAA@PEBVPxRigidDynamic@1@@Z
??0PxRigidStaticGeneratedInfo@physx@@QEAA@XZ
??0PxRigidStaticGeneratedValues@physx@@QEAA@PEBVPxRigidStatic@1@@Z
??0PxSceneDescGeneratedInfo@physx@@QEAA@XZ
??0PxSceneDescGeneratedValues@physx@@QEAA@PEBVPxSceneDesc@1@@Z
??0PxSceneGeneratedInfo@physx@@QEAA@XZ
??0PxSceneGeneratedValues@physx@@QEAA@PEBVPxScene@1@@Z
??0PxSceneLimitsGeneratedInfo@physx@@QEAA@XZ
??0PxSceneLimitsGeneratedValues@physx@@QEAA@PEBVPxSceneLimits@1@@Z
??0PxShapeGeneratedInfo@physx@@QEAA@XZ
??0PxShapeGeneratedValues@physx@@QEAA@PEBVPxShape@1@@Z
??0PxSimulationStatisticsGeneratedInfo@physx@@QEAA@XZ
??0PxSimulationStatisticsGeneratedValues@physx@@QEAA@PEBVPxSimulationStatistics@1@@Z
??0PxSphereGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxSphereGeometryGeneratedValues@physx@@QEAA@PEBVPxSphereGeometry@1@@Z
??0PxTolerancesScaleGeneratedInfo@physx@@QEAA@XZ
??0PxTolerancesScaleGeneratedValues@physx@@QEAA@PEBVPxTolerancesScale@1@@Z
??0PxTriangleMeshGeometryGeneratedInfo@physx@@QEAA@XZ
??0PxTriangleMeshGeometryGeneratedValues@physx@@QEAA@PEBVPxTriangleMeshGeometry@1@@Z
??0RestvaluesProperty@physx@@QEAA@XZ
??0SimulationStatisticsProperty@physx@@QEAA@XZ
?PxCreateSpatialIndex@physx@@YAPEAVPxSpatialIndex@1@XZ
?createConvexMeshMirror@PxParticleGpu@physx@@SA_NAEBVPxConvexMesh@2@AEAVPxCudaContextManager@2@@Z
?createHeightFieldMirror@PxParticleGpu@physx@@SA_NAEBVPxHeightField@2@AEAVPxCudaContextManager@2@@Z
?createLink@PxArticulationLinkCollectionPropHelper@physx@@QEBAPEAVPxArticulationLink@2@PEAVPxArticulation@2@PEAV32@AEBVPxTransform@2@@Z
?createShape@PxRigidActorShapeCollectionHelper@physx@@QEBAPEAVPxShape@2@PEAVPxRigidActor@2@AEBVPxGeometry@2@AEAVPxMaterial@2@V?$PxFlags@W4Enum@PxShapeFlag@physx@@E@2@@Z
?createShape@PxRigidActorShapeCollectionHelper@physx@@QEBAPEAVPxShape@2@PEAVPxRigidActor@2@AEBVPxGeometry@2@PEBQEAVPxMaterial@2@GV?$PxFlags@W4Enum@PxShapeFlag@physx@@E@2@@Z
?createTriangleMeshMirror@PxParticleGpu@physx@@SA_NAEBVPxTriangleMesh@2@AEAVPxCudaContextManager@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxBoxGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxCapsuleGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxConvexMeshGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxHeightFieldGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxPlaneGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxSphereGeometry@2@@Z
?getGeometry@PxShapeGeometryPropertyHelper@physx@@QEBA_NPEBVPxShape@2@AEAVPxTriangleMeshGeometry@2@@Z
?getGeometryType@PxShapeGeometryPropertyHelper@physx@@QEBA?AW4Enum@PxGeometryType@2@PEBVPxShape@2@@Z
?getReadWriteCudaBuffers@PxParticleDeviceExclusive@physx@@SAXAEAVPxParticleBase@2@AEAUPxCudaReadWriteParticleBuffers@2@@Z
?registerPhysXIndicatorGpuClient@PxPhysXIndicatorDeviceExclusive@physx@@SAXAEAVPxPhysics@2@@Z
?releaseConvexMeshMirror@PxParticleGpu@physx@@SAXAEBVPxConvexMesh@2@PEAVPxCudaContextManager@2@@Z
?releaseHeightFieldMirror@PxParticleGpu@physx@@SAXAEBVPxHeightField@2@PEAVPxCudaContextManager@2@@Z
?releaseTriangleMeshMirror@PxParticleGpu@physx@@SAXAEBVPxTriangleMesh@2@PEAVPxCudaContextManager@2@@Z
?setExplicitCudaFlushCountHint@PxParticleGpu@physx@@SAXAEBVPxScene@2@I@Z
?setFlags@PxParticleDeviceExclusive@physx@@SAXAEAVPxParticleBase@2@V?$PxFlags@W4Enum@PxParticleDeviceExclusiveFlag@physx@@I@2@@Z
?setMaterials@PxShapeMaterialsPropertyHelper@physx@@QEBAXPEAVPxShape@2@PEBQEAVPxMaterial@2@G@Z
?setTriangleMeshCacheSizeHint@PxParticleGpu@physx@@SA_NAEBVPxScene@2@I@Z
?setValidParticleRange@PxParticleDeviceExclusive@physx@@SAXAEAVPxParticleBase@2@I@Z
?unregisterPhysXIndicatorGpuClient@PxPhysXIndicatorDeviceExclusive@physx@@SAXAEAVPxPhysics@2@@Z
PxAddCollectionToPhysics
PxCreateBasePhysics
PxGetPhysics
PxGetPhysicsBinaryMetaData
PxGetValue
PxRegisterArticulations
PxRegisterCloth
PxRegisterHeightFields
PxRegisterParticles
PxRegisterPhysicsSerializers
PxRegisterUnifiedHeightFields
PxSetPhysXDelayLoadHook
PxUnregisterPhysicsSerializers

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

d8cf501f2ead6a968abf3df1e5f5d366

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 337KB - Virtual size: 336KB

.data Size: 38KB - Virtual size: 53KB

.pdata Size: 138KB - Virtual size: 138KB

text Size: 5KB - Virtual size: 4KB

data Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 337KB - Virtual size: 336KB

.data
Size: 38KB - Virtual size: 53KB

.pdata
Size: 138KB - Virtual size: 138KB

text
Size: 5KB - Virtual size: 4KB

data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 20KB - Virtual size: 20KB