zorusrevenge[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

zorusrevenge.zip
Size

17.1MB
MD5

065d3aa8e2885f273df8b1f4b0715a0c
SHA1

9e2ffad474ea3c899e4a5ec1693d81b4b61c3e83
SHA256

db5a13bea5e36044ca48a50a93466e2a60530d51a7fe7a9a6aa0f66fa7923724
SHA512

533d1dd3b4a8ae5e26dc75b5d029b49f2cbba974248d8ebb52c37a3b1e1263c8e207612bbf53c09c90f1d2d4563f43917a5f481b62e79306e098b16b6d22c33b
SSDEEP

393216:hwhG0cnOkG6K7HOL+AO1dXtnkTDFI0LgldQwiifWQOIaYzz:XhOX17uhO/gDFBLCLVNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ProInstaller_0001.exe

Files

zorusrevenge.zip
.zip
ProInstaller_0001.exe
.exe windows x86

d3d463db78fceb1c521c9c81f0d72355

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

comctl32

ImageList_GetBkColor
ImageList_GetIconSize
ImageList_DragLeave
FlatSB_SetScrollInfo
ImageList_Create
ImageList_DragShowNolock
ImageList_Write
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Add
ImageList_SetBkColor
FlatSB_GetScrollPos
ImageList_Read
ImageList_GetDragImage
ImageList_EndDrag
InitializeFlatSB
ImageList_DrawIndirect
ImageList_DragMove
ImageList_Destroy
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Draw
FlatSB_SetScrollProp
_TrackMouseEvent
ImageList_GetIcon
FlatSB_GetScrollInfo
ImageList_DrawEx
ImageList_BeginDrag
ImageList_Remove
FlatSB_SetScrollPos

shell32

ShellExecuteW
SHAppBarMessage
SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW

user32

GetCapture
GetMessageExtraInfo
MonitorFromWindow
HideCaret
DrawMenuBar
InsertMenuW
GetKeyNameTextW
SetRect
GetClassLongW
GetSysColor
GetComboBoxInfo
DrawFocusRect
DispatchMessageW
GetParent
WaitMessage
GetMessagePos
MonitorFromPoint
WindowFromPoint
IsWindowEnabled
GetClientRect
ShowWindow
SetCursor
SendMessageW
FrameRect
GetMonitorInfoW
MsgWaitForMultipleObjects
DestroyWindow
TrackPopupMenu
GetWindowLongW
CharNextW
TranslateMDISysAccel
TranslateMessage
AdjustWindowRectEx
SetScrollPos
SetClassLongW
IsClipboardFormatAvailable
CallNextHookEx
MessageBoxW
DefMDIChildProcW
DrawIcon
RegisterClipboardFormatW
SendMessageA
SetWindowPos
DrawIconEx
EnumClipboardFormats
FillRect
GetWindowThreadProcessId
SetWindowPlacement
GetKeyState
RegisterWindowMessageW
LoadStringW
DispatchMessageA
GetKeyboardState
GetDlgItem
CharUpperBuffW
GetScrollRange
SetForegroundWindow
EnableWindow
SetFocus
SetClipboardData
GetMenuStringW
OffsetRect
GetClassInfoW
DrawTextExW
LoadKeyboardLayoutW
GetMenuItemCount
GetDC
ScrollWindow
IsDialogMessageW
MapWindowPoints
CreatePopupMenu
GetIconInfo
IsDialogMessageA
DrawTextW
GetClassNameW
SetScrollInfo
ShowOwnedPopups
ClientToScreen
RemovePropW
IsWindowVisible
GetCursorPos
PtInRect
MsgWaitForMultipleObjectsEx
FindWindowExW
DestroyMenu
CopyImage
OpenClipboard
GetSystemMenu
SetWindowsHookExW
GetSubMenu
GetWindowRect
IsZoomed
CheckMenuItem
CharLowerW
CreateIconIndirect
GetMenuItemID
PostQuitMessage
DefFrameProcW
GetWindowTextW
GetScrollPos
ShowCaret
SetPropW
SetCursorPos
GetKeyboardLayoutList
MessageBeep
GetMenuItemRect
ActivateKeyboardLayout
SetCapture
ReleaseDC
KillTimer
LoadBitmapW
GetDlgCtrlID
PeekMessageW
PeekMessageA
UpdateWindow
DestroyCursor
CallWindowProcW
GetDesktopWindow
InvalidateRect
GetActiveWindow
DefWindowProcW
InflateRect
EmptyClipboard
DeleteMenu
BeginPaint
SetTimer
CharLowerBuffW
GetKeyboardLayoutNameW
IsWindowUnicode
IsWindow
GetWindowDC
EnumWindows
FindWindowW
GetKeyboardLayout
GetPropW
SetWindowTextW
LoadIconW
MapVirtualKeyW
GetMenuState
SwitchToThisWindow
SetActiveWindow
GetSystemMetrics
CloseClipboard
GetWindowPlacement
DrawEdge
EnumDisplayMonitors
EndMenu
ValidateRect
EndPaint
GetForegroundWindow
SystemParametersInfoW
ReleaseCapture
GetWindow
GetLastActivePopup
EnumThreadWindows
GetFocus
SetMenuItemInfoW
CharUpperW
SetScrollRange
LoadCursorW
IsChild
GetUpdateRect
DestroyIcon
GetSysColorBrush
SetWindowRgn
EnumChildWindows
SetMenu
GetClipboardData
SetParent
PostMessageW
RemoveMenu
UnregisterClassW
IsRectEmpty
EnableScrollBar
RedrawWindow
ShowScrollBar
UnhookWindowsHookEx
SetWindowLongW
ScreenToClient
EnableMenuItem
IsIconic
DrawFrameControl
RegisterClassW
CreateIcon
GetMenu
GetTopWindow
GetMenuItemInfoW
CreateMenu
GetClassInfoExW
CreateWindowExW
InsertMenuItemW
GetCursor
GetScrollInfo
GetDCEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

SysFreeString
GetErrorInfo
VariantInit
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayGetUBound
SysAllocStringLen
VariantChangeType
SysReAllocStringLen
SafeArrayGetLBound
VariantCopy
VariantClear

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegFlushKey
QueryServiceStatus
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
GetUserNameW
RegOpenKeyExW
OpenSCManagerW
OpenProcessToken
RegCloseKey
OpenServiceW

msvcrt

memcpy
memset

winhttp

WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpQueryAuthSchemes
WinHttpWriteData
WinHttpAddRequestHeaders
WinHttpConnect
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryOption
WinHttpGetProxyForUrl
WinHttpSetCredentials
WinHttpSetTimeouts

kernel32

GetTempPathW
SetEvent
GetDriveTypeW
GetCurrentProcessId
LockResource
GetComputerNameW
Sleep
EnumCalendarInfoW
TlsGetValue
IsValidLocale
TerminateThread
HeapAlloc
FindNextFileW
RaiseException
TlsSetValue
GlobalFindAtomW
GetLastError
LoadLibraryA
WideCharToMultiByte
WaitForSingleObject
GetVersion
FindFirstFileW
GetCurrentThread
GlobalAddAtomW
EnumResourceNamesW
ReadFile
CreateDirectoryW
LocalFree
LocalAlloc
IsDebuggerPresent
GetLocaleInfoW
LoadLibraryExW
GetExitCodeThread
GetModuleHandleW
GetDateFormatW
HeapCreate
FileTimeToSystemTime
CreateProcessW
GetFileSize
MoveFileW
WriteFile
ExitProcess
SetThreadLocale
GetCurrentThreadId
CompareStringW
CreateMutexW
GetDiskFreeSpaceW
GetTimeZoneInformation
VerSetConditionMask
WaitForMultipleObjectsEx
SetErrorMode
DeviceIoControl
CreateThread
GetLocalTime
LoadLibraryW
GetUserDefaultUILanguage
SizeofResource
ResumeThread
QueryPerformanceFrequency
HeapDestroy
GetCommandLineW
EnterCriticalSection
GlobalAlloc
SuspendThread
GlobalHandle
GetThreadLocale
VirtualAlloc
QueryPerformanceCounter
GetACP
GetProcessHeap
MultiByteToWideChar
GlobalSize
GetSystemDefaultUILanguage
RtlUnwind
GetThreadPriority
GetModuleFileNameW
GlobalLock
GetVersionExW
MulDiv
GetSystemInfo
GetStdHandle
DeleteCriticalSection
LoadResource
ResetEvent
FindResourceW
LCMapStringW
FreeLibrary
FindClose
CloseHandle
SetEndOfFile
CreateEventW
SetLastError
lstrlenW
InitializeCriticalSection
FormatMessageW
CreateFileW
GetStartupInfoW
VirtualQuery
LeaveCriticalSection
GetCurrentProcess
GetCPInfo
GetFileAttributesW
GlobalDeleteAtom
VirtualQueryEx
GetProcAddress
GetEnvironmentVariableW
FreeResource
GetFullPathNameW
GlobalUnlock
ExitThread
GetTickCount
GlobalFree
SetThreadPriority
GetCPInfoExW
SwitchToThread
SetFilePointer
UnhandledExceptionFilter
HeapFree
VirtualFree
VerifyVersionInfoW

ole32

CoUninitialize
CoInitialize
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
IsEqualGUID
CoCreateInstance
OleUninitialize

gdi32

SetStretchBltMode
RoundRect
PolyBezierTo
StretchBlt
GetTextExtentPoint32W
GetNearestPaletteIndex
ExtFloodFill
Rectangle
CreateDIBSection
CopyEnhMetaFileW
GetTextExtentPointW
Polygon
CreateHalftonePalette
ExtCreateRegion
GetEnhMetaFileBits
SetWindowOrgEx
GetStockObject
DeleteObject
ArcTo
Ellipse
GetCurrentPositionEx
GetPaletteEntries
CreatePalette
GetObjectW
SetTextColor
Arc
SetViewportOrgEx
SetDIBits
SetEnhMetaFileBits
SetDCPenColor
GetPixel
CreateBrushIndirect
CreateBitmap
GetCurrentObject
GetEnhMetaFileDescriptionW
Pie
SetPixel
CreatePenIndirect
RectVisible
MaskBlt
PlayEnhMetaFile
Polyline
BitBlt
GetTextColor
SetBkMode
GetWindowOrgEx
IntersectClipRect
EnumFontFamiliesExW
SetWinMetaFileBits
GetDeviceCaps
GetDIBits
GetBitmapBits
SetGraphicsMode
PolyBezier
GetDIBColorTable
GdiFlush
MoveToEx
CreateSolidBrush
GetClipBox
RealizePalette
SetBrushOrgEx
CreateRectRgn
ExcludeClipRect
CreateCompatibleDC
GetSystemPaletteEntries
SaveDC
SetBkColor
GetBkMode
GetEnhMetaFilePaletteEntries
CreateRoundRectRgn
UnrealizeObject
CreateDIBitmap
SelectPalette
GetViewportOrgEx
RestoreDC
LineTo
GetEnhMetaFileHeader
AngleArc
GetRgnBox
SetDIBColorTable
DeleteDC
PatBlt
SetRectRgn
CombineRgn
SetWorldTransform
CreateCompatibleBitmap
CreateFontIndirectW
GetTextMetricsW
Chord
SelectObject
GetStretchBltMode
ExtTextOutW
GetWinMetaFileBits
FrameRgn
DeleteEnhMetaFile
SetROP2
GetBrushOrgEx

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 485KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 106KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3d463db78fceb1c521c9c81f0d72355

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

shell32

user32

version

oleaut32

advapi32

msvcrt

winhttp

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.itext Size: 13KB - Virtual size: 12KB

.data Size: 485KB - Virtual size: 484KB

.bss Size: - Virtual size: 106KB

.idata Size: 13KB - Virtual size: 13KB

.didata Size: 4KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 108B

.tls Size: - Virtual size: 88B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 283KB - Virtual size: 283KB

.rsrc Size: 321KB - Virtual size: 321KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.itext
Size: 13KB - Virtual size: 12KB

.data
Size: 485KB - Virtual size: 484KB

.bss
Size: - Virtual size: 106KB

.idata
Size: 13KB - Virtual size: 13KB

.didata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 108B

.tls
Size: - Virtual size: 88B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 283KB - Virtual size: 283KB

.rsrc
Size: 321KB - Virtual size: 321KB