Install_01025[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Install_01025.exe
Size

19.0MB
MD5

3bb8a5e62fc0a951d41c67012b160c24
SHA1

f418b6b40344e98d9a1f4ebac19a961b27807e0b
SHA256

db602df9e39c1d9cf1725f0ee1390063b24dc077c05e8254c140403811e1cfce
SHA512

e868f54d0df8e6c55fe7942aad3e40bde9158694d1c7c9db47240a5276673d350f9d970cf6ae844899a800e336eb159dc15682ca0c2cfea0ea5f8134e729b09a
SSDEEP

393216:fS0j3xAUTY6ADwP5uQPHlcvcYlJKdzDkOyQbTyLGmtzbaJOeUb:6u3OUUtsqUNlyuTGGmt2Otb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Install_01025.exe

Files

Install_01025.exe
.exe windows x86

b3abb3a9ecde1dd4cefd1ae9f8eb9b8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

comctl32

FlatSB_GetScrollInfo
ImageList_Remove
FlatSB_SetScrollInfo
ImageList_GetIcon
_TrackMouseEvent
ImageList_GetBkColor
ImageList_Read
FlatSB_SetScrollProp
ImageList_GetImageCount
ImageList_Draw
ImageList_DragLeave
ImageList_SetIconSize
ImageList_DragMove
ImageList_GetIconSize
FlatSB_GetScrollPos
ImageList_SetImageCount
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_Create
FlatSB_SetScrollPos
ImageList_Write
InitializeFlatSB
ImageList_EndDrag
ImageList_DrawEx
ImageList_Add
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_Destroy
ImageList_DragEnter
ImageList_SetBkColor

shell32

ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
SHAppBarMessage
SHGetFolderPathW

user32

CallNextHookEx
InsertMenuW
GetMessageExtraInfo
ScreenToClient
SetRect
FillRect
GetDC
SendMessageA
DispatchMessageA
EnumThreadWindows
TrackPopupMenu
EnumChildWindows
DestroyCursor
FindWindowW
GetCapture
EnableMenuItem
SetMenuItemInfoW
GetFocus
SetWindowPos
MsgWaitForMultipleObjectsEx
GetDlgItem
GetForegroundWindow
GetCursorPos
EnableWindow
UnhookWindowsHookEx
MessageBoxW
GetClassLongW
SendMessageW
InflateRect
GetLastActivePopup
CreateMenu
GetClassNameW
GetMonitorInfoW
EndPaint
SetWindowPlacement
HideCaret
RemovePropW
GetKeyState
PeekMessageW
ValidateRect
CheckMenuItem
SetWindowRgn
SetScrollRange
DrawIcon
GetMenuItemInfoW
GetSystemMetrics
SetCapture
SetParent
SetWindowLongW
TranslateMDISysAccel
InsertMenuItemW
ShowCaret
LoadKeyboardLayoutW
RegisterClipboardFormatW
GetSysColorBrush
DispatchMessageW
MapVirtualKeyW
GetMenuItemID
SetActiveWindow
GetClipboardData
IsClipboardFormatAvailable
FindWindowExW
SetPropW
SystemParametersInfoW
CreateIcon
DrawFrameControl
ReleaseCapture
RegisterClassW
WindowFromPoint
GetIconInfo
CreateIconIndirect
GetKeyboardLayoutList
DefWindowProcW
LoadBitmapW
EnumWindows
PtInRect
IsChild
GetWindowLongW
DrawTextExW
GetScrollPos
RemoveMenu
SetScrollInfo
LoadStringW
GetWindowPlacement
SetScrollPos
EndMenu
ShowScrollBar
SetCursor
GetParent
IsDialogMessageW
GetMessagePos
SetMenu
EnumClipboardFormats
DestroyMenu
IsWindowUnicode
CopyImage
DrawMenuBar
BeginPaint
OpenClipboard
SetWindowsHookExW
GetClientRect
EnableScrollBar
MonitorFromPoint
GetKeyboardState
EmptyClipboard
GetClassInfoW
WaitMessage
GetPropW
GetSysColor
CharUpperW
GetScrollRange
GetUpdateRect
SetForegroundWindow
GetWindow
DefFrameProcW
KillTimer
GetMenuStringW
GetKeyboardLayoutNameW
TranslateMessage
CharNextW
GetScrollInfo
CharLowerW
GetMenuItemRect
ReleaseDC
FrameRect
GetComboBoxInfo
DrawEdge
OffsetRect
CreateWindowExW
IsIconic
DrawTextW
GetActiveWindow
GetWindowDC
MsgWaitForMultipleObjects
SetFocus
MonitorFromWindow
SetClipboardData
SetClassLongW
SetCursorPos
CharLowerBuffW
IsWindowEnabled
GetWindowTextW
GetWindowThreadProcessId
GetCursor
DefMDIChildProcW
GetSystemMenu
ClientToScreen
GetKeyboardLayout
SetTimer
DestroyIcon
DrawFocusRect
IsWindowVisible
InvalidateRect
GetMenuItemCount
GetClassInfoExW
SwitchToThisWindow
RedrawWindow
MapWindowPoints
PostMessageW
PeekMessageA
AdjustWindowRectEx
UpdateWindow
IsWindow
RegisterWindowMessageW
GetSubMenu
IsRectEmpty
GetDesktopWindow
CreatePopupMenu
GetTopWindow
DeleteMenu
ActivateKeyboardLayout
CallWindowProcW
EnumDisplayMonitors
ShowWindow
IsZoomed
GetWindowRect
GetKeyNameTextW
DestroyWindow
IsDialogMessageA
MessageBeep
CharUpperBuffW
PostQuitMessage
ShowOwnedPopups
ScrollWindow
UnregisterClassW
DrawIconEx
CloseClipboard
GetDCEx
GetMenu
SetWindowTextW
GetMenuState
GetDlgCtrlID
LoadCursorW
LoadIconW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

oleaut32

SafeArrayGetLBound
GetErrorInfo
SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayGetUBound
SafeArrayCreate
SysReAllocStringLen
VariantCopy
VariantClear
SysFreeString
VariantChangeType
VariantInit

advapi32

AdjustTokenPrivileges
OpenServiceW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
GetUserNameW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
QueryServiceStatus
RegQueryValueExW
OpenSCManagerW
RegFlushKey
LookupPrivilegeValueW

msvcrt

memset
memcpy

winhttp

WinHttpQueryDataAvailable
WinHttpSetStatusCallback
WinHttpReadData
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpWriteData
WinHttpQueryAuthSchemes
WinHttpQueryOption
WinHttpSetCredentials
WinHttpConnect
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpOpen
WinHttpOpenRequest
WinHttpGetIEProxyConfigForCurrentUser

kernel32

LoadResource
GetFileSize
SetEndOfFile
GetSystemDefaultUILanguage
VirtualQuery
GetLastError
TerminateThread
VirtualQueryEx
SetThreadLocale
SetLastError
EnumResourceNamesW
GlobalDeleteAtom
FileTimeToSystemTime
GetTimeZoneInformation
FindResourceW
GetStdHandle
ExitThread
LockResource
GetStartupInfoW
SuspendThread
GetFullPathNameW
GetProcAddress
TlsSetValue
SetErrorMode
CreateMutexW
LeaveCriticalSection
SwitchToThread
GetLocalTime
GlobalFree
GetUserDefaultUILanguage
GetProcessHeap
CreateThread
FindFirstFileW
GetThreadPriority
CreateDirectoryW
VirtualFree
VerSetConditionMask
CloseHandle
UnhandledExceptionFilter
RtlUnwind
GetFileAttributesW
GlobalAlloc
VirtualAlloc
RaiseException
ExitProcess
GetCommandLineW
GlobalLock
CreateEventW
GetDiskFreeSpaceW
GetThreadLocale
HeapAlloc
MultiByteToWideChar
GetCurrentProcessId
LCMapStringW
WideCharToMultiByte
GetCPInfo
CreateFileW
QueryPerformanceFrequency
GetTickCount
HeapFree
SetEvent
GetVersionExW
GetACP
SetFilePointer
FindClose
GlobalUnlock
GetLocaleInfoW
LocalAlloc
DeleteCriticalSection
GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleW
LocalFree
GetSystemInfo
ResumeThread
EnumCalendarInfoW
FormatMessageW
EnterCriticalSection
GlobalHandle
SetThreadPriority
HeapDestroy
GetComputerNameW
GlobalAddAtomW
WaitForMultipleObjectsEx
HeapCreate
GetVersion
CompareStringW
LoadLibraryA
InitializeCriticalSection
MulDiv
lstrlenW
GlobalSize
FreeLibrary
QueryPerformanceCounter
WriteFile
Sleep
ResetEvent
SizeofResource
GetDateFormatW
GetDriveTypeW
VerifyVersionInfoW
IsDebuggerPresent
ReadFile
GetCurrentThread
WaitForSingleObject
LoadLibraryW
FreeResource
LoadLibraryExW
GetCPInfoExW
MoveFileW
GetTempPathW
GetExitCodeThread
FindNextFileW
DeviceIoControl
GlobalFindAtomW
TlsGetValue
GetEnvironmentVariableW
IsValidLocale

ole32

CoCreateInstance
OleUninitialize
CoUninitialize
CoInitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
IsEqualGUID

gdi32

CreateDIBSection
GetWindowOrgEx
CreatePenIndirect
Pie
SelectPalette
RealizePalette
IntersectClipRect
GetPaletteEntries
GetCurrentObject
AngleArc
StretchBlt
CreateRectRgn
ArcTo
CreateCompatibleDC
PolyBezier
PlayEnhMetaFile
GetDIBColorTable
RoundRect
CreateBrushIndirect
GetObjectW
Polyline
BitBlt
CreatePalette
GdiFlush
Rectangle
GetBkMode
GetEnhMetaFileDescriptionW
SetTextColor
SetRectRgn
GetDIBits
ExtTextOutW
GetSystemPaletteEntries
PolyBezierTo
GetStockObject
ExcludeClipRect
MaskBlt
CreateRoundRectRgn
SetBkMode
ExtCreateRegion
LineTo
SetBrushOrgEx
SetWindowOrgEx
GetViewportOrgEx
GetPixel
UnrealizeObject
SelectObject
CreateDIBitmap
SetPixel
SetStretchBltMode
DeleteEnhMetaFile
CreateBitmap
GetRgnBox
SetDIBits
GetEnhMetaFileBits
DeleteDC
SaveDC
CopyEnhMetaFileW
DeleteObject
SetROP2
Arc
CreateHalftonePalette
SetBkColor
SetGraphicsMode
GetBrushOrgEx
RectVisible
Polygon
CreateFontIndirectW
FrameRgn
GetWinMetaFileBits
CreateSolidBrush
Ellipse
GetCurrentPositionEx
ExtFloodFill
GetStretchBltMode
GetTextExtentPoint32W
SetDCPenColor
SetWinMetaFileBits
SetDIBColorTable
PatBlt
CombineRgn
GetNearestPaletteIndex
Chord
GetTextMetricsW
GetTextColor
GetDeviceCaps
CreateCompatibleBitmap
MoveToEx
RestoreDC
GetEnhMetaFileHeader
SetWorldTransform
GetTextExtentPointW
GetEnhMetaFilePaletteEntries
GetBitmapBits
SetEnhMetaFileBits
GetClipBox
EnumFontFamiliesExW
SetViewportOrgEx

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 106KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3abb3a9ecde1dd4cefd1ae9f8eb9b8f

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

shell32

user32

version

oleaut32

advapi32

msvcrt

winhttp

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.itext Size: 13KB - Virtual size: 12KB

.data Size: 484KB - Virtual size: 483KB

.bss Size: - Virtual size: 106KB

.idata Size: 13KB - Virtual size: 13KB

.didata Size: 4KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 108B

.tls Size: - Virtual size: 88B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 283KB - Virtual size: 282KB

.rsrc Size: 321KB - Virtual size: 321KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.itext
Size: 13KB - Virtual size: 12KB

.data
Size: 484KB - Virtual size: 483KB

.bss
Size: - Virtual size: 106KB

.idata
Size: 13KB - Virtual size: 13KB

.didata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 108B

.tls
Size: - Virtual size: 88B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 283KB - Virtual size: 282KB

.rsrc
Size: 321KB - Virtual size: 321KB