28dfbb69db3a6a74d3e40604134850d7f5d35befd44eae53fccd405df70c86e7[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

28dfbb69db3a6a74d3e40604134850d7f5d35befd44eae53fccd405df70c86e7.zip
Size

1.9MB
MD5

2b04ef0d4498177954ce325a60941262
SHA1

cee6eb48ee169dd7cbdff07863b94ebea49e3e4c
SHA256

63952bebf2a1e39347f72e3b5a226ceed0eb6d386ed2dda331b3a6770c72d354
SHA512

d022d64292582965c80a887a3ea5ab879852035ef4de040657286852b56ec8c1168866b79210f31f44d332abcd26d7f7a1885e13e2f53a619f01a5d11422ad56
SSDEEP

49152:VAYrBQhBFhx8Wk/9y/9+bmw3xEDl3Qany8X8+hz2rGkTiYLwB0dk:VAYrybx879y16l3iDdbHXFhM7Ffk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/28dfbb69db3a6a74d3e40604134850d7f5d35befd44eae53fccd405df70c86e7

Files

28dfbb69db3a6a74d3e40604134850d7f5d35befd44eae53fccd405df70c86e7.zip
.zip

Password: infected
28dfbb69db3a6a74d3e40604134850d7f5d35befd44eae53fccd405df70c86e7
.exe windows x86

Password: infected

908097c5d82c1cef3dc7cbf5d22c3b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
VirtualQuery
GetSystemInfo
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
LCMapStringW
GetCommandLineA
GetModuleHandleExW
ExitProcess
RtlUnwind
OutputDebugStringW
SetStdHandle
GetFileType
GetStdHandle
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
SearchPathW
GetTempPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
SetErrorMode
FindResourceExW
lstrcpyW
GetWindowsDirectoryW
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetStringTypeExW
MoveFileW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetThreadLocale
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
LeaveCriticalSection
EnterCriticalSection
GlobalGetAtomNameW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
CompareStringA
lstrcmpA
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryA
GetVersionExW
WideCharToMultiByte
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GlobalAlloc
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
SetLastError
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
VirtualAlloc
IsDebuggerPresent
OutputDebugStringA
CloseHandle
WriteFile
SizeofResource
MulDiv
MultiByteToWideChar
GetLastError
CreateMutexW
FindResourceW
LoadResource
LockResource
GetCommandLineW
WriteConsoleW

user32

SetParent
IsRectEmpty
DeleteMenu
GetSystemMenu
IsZoomed
DestroyCursor
ReuseDDElParam
UnpackDDElParam
DestroyIcon
OffsetRect
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
SetRectEmpty
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SystemParametersInfoW
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetDCEx
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
IntersectRect
CopyRect
IsDialogMessageW
SetWindowLongW
SetWindowTextW
GetDlgCtrlID
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
SetWindowPos
MoveWindow
ShowWindow
GetFocus
GetWindow
GetWindowTextLengthW
LockWindowUpdate
GetMenuDefaultItem
TrackMouseEvent
LoadBitmapW
LoadImageW
GetDC
GetClientRect
InvalidateRect
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
SendDlgItemMessageA
RealChildWindowFromPoint
GetSysColorBrush
GetMenuItemInfoW
CopyImage
GetAsyncKeyState
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
MessageBoxW
GetSysColor
UnionRect
DrawIcon
SetWindowRgn
WindowFromPoint
GetTabbedTextExtentW
IsIconic
UpdateWindow
EnableWindow
SendMessageW
KillTimer
SetTimer
ReleaseDC
SetCursor
LoadCursorW
GetSystemMetrics
FillRect
SetCapture
SetRect
InflateRect
GetKeyState
ReleaseCapture
UnregisterClassW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetParent
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
WaitMessage
IsClipboardFormatAvailable
DrawFocusRect
DrawIconEx
CreateMenu
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
GetWindowRgn
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetMessageTime
EnumDisplayMonitors

gdi32

Ellipse
SetPixel
Polyline
UnrealizeObject
GetDeviceCaps
CreateFontW
CreateBitmap
CreateRectRgn
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetCurrentPositionEx
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
StartDocW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
Rectangle
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CombineRgn
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
GetTextExtentPoint32W
GetTextMetricsW
GetCharWidthW
StretchDIBits
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
CreateDIBSection
LPtoDP
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetDIBColorTable
CreatePolygonRgn
Polygon
CreateRoundRectRgn
OffsetRgn
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPaletteEntries
SetPixelV
SetBrushOrgEx
CreatePatternBrush
CreateHatchBrush
CreatePen
GetPixel
ExtFloodFill
GetStockObject
CreateCompatibleBitmap
BitBlt
RoundRect
StretchBlt
SelectObject
CreateCompatibleDC
CreateBitmapIndirect
GetBitmapBits
SetWindowExtEx
CreateSolidBrush
GetObjectW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW

advapi32

RegSetValueExW
RegSetValueW
RegEnumKeyExW
RegEnumValueW
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

DragFinish
SHAddToRecentDocs
ExtractIconW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW

uxtheme

GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
GetThemePartSize

ole32

CoRevokeClassObject
DoDragDrop
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
OleFlushClipboard
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleLockRunning
RevokeDragDrop
RegisterDragDrop

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

908097c5d82c1cef3dc7cbf5d22c3b76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 343KB - Virtual size: 343KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 268KB - Virtual size: 267KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 343KB - Virtual size: 343KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 268KB - Virtual size: 267KB