GMVI-sam2[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

GMVI-sam2.zip
Size

543KB
MD5

013a1ff7a18bb7ea616a1fe5b177ff9c
SHA1

da012b60044fdc7e03258ea43a48bbc62190719d
SHA256

d6917cdaeb2ff01e352b5ecc83a0424e4de25da321636ac6e332f182f8beaa3e
SHA512

e04c55dd8de3b1c85383cfdde0cba7c54b9617f06ab612c6feac8ecdfb44c121c4ce3fe9549beb470c273d161036987d37e26337dd23f1fb34d2c353312bbc04
SSDEEP

12288:JjgQygHcEBM9aUfyJwDxFRXttfVxcQIpPARjgN9zs6If:FfVM9aUYwNrdFHc7PARQzs3f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3e9c83f4566a15fe6547b71847ba71f827e9c6f294904409e9c88f3e4051ce23

Files

GMVI-sam2.zip
.zip

Password: infected
3e9c83f4566a15fe6547b71847ba71f827e9c6f294904409e9c88f3e4051ce23
.exe windows x86

b99af4ff118690bab35b5947ec3a0ac3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualAlloc
VirtualFree
GetProcAddress
LoadLibraryA
SetStdHandle
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
LocalFree
GetLocaleInfoEx
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
RaiseException
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapValidate
GetSystemInfo
GetModuleHandleExW
GetStdHandle
WriteFile
ExitProcess
GetCurrentThread
HeapReAlloc
HeapSize
HeapQueryInformation
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW

Sections

.textbss
Size: - Virtual size: 586KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 559B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b99af4ff118690bab35b5947ec3a0ac3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.textbss Size: - Virtual size: 586KB

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 238KB - Virtual size: 238KB

.data Size: 130KB - Virtual size: 142KB

.idata Size: 3KB - Virtual size: 3KB

.msvcjmc Size: 1024B - Virtual size: 559B

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 41KB - Virtual size: 40KB

.textbss
Size: - Virtual size: 586KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 238KB - Virtual size: 238KB

.data
Size: 130KB - Virtual size: 142KB

.idata
Size: 3KB - Virtual size: 3KB

.msvcjmc
Size: 1024B - Virtual size: 559B

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 41KB - Virtual size: 40KB