06102023_2034_PSG08-13 Rev[.] 04 – Anexo 1[.]uue

Sharing

Copy URL

Twitter E-mail

General

Target

06102023_2034_PSG08-13 Rev. 04 – Anexo 1.uue
Size

163KB
MD5

c9bccb6fcdc7de307484123f2c459984
SHA1

e5091bdbf8d6c1b5a3979d0a29f624c222397d72
SHA256

2748de37783a6d486b2328c1e0a3d1dfb5422f7189145351dd18e6aa3fb1d5bf
SHA512

227cbddf9332d9e17bc1f1111414a17c3cc70e7571a49e1be8ee1d4027f12b174cbfe4875f65066fc3440c21ccc5bb3acd6f8bd3e666a811f4ca7d1d1a59ad74
SSDEEP

3072:KcgIqqIlZjtqrOVMPjtxDCIQnQAvZ2LBWhzDDbrHQyM4H+eVYgGtSrs1RzG:Puq8Zppu5JvQnPxewhzTLp+e3GYQ1RzG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PSG08-13 Rev. 04 – Anexo 1.exe

Files

06102023_2034_PSG08-13 Rev. 04 – Anexo 1.uue
.rar

Password: infected
PSG08-13 Rev. 04 – Anexo 1.exe
.exe windows:6 windows x86

Password: infected

a22220de868c52c78803e2e507226f09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
GetTempFileNameW
FileTimeToSystemTime
DeleteFileW
CreateFileW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
VirtualProtect
VirtualAlloc
FreeConsole
WriteConsoleW
SetFilePointerEx
CloseHandle
GetConsoleMode
GetConsoleCP
CompareFileTime
GetStringTypeW
SetStdHandle
GetVersionExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetFileType
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
ApplicationRecoveryFinished
Sleep
ApplicationRecoveryInProgress
CompareStringW
lstrlenW
GetProfileStringW
LocalAlloc
LocalReAlloc
LocalFree
GetModuleFileNameW
GetCurrentProcess
IsWow64Process
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetFileAttributesW
FreeLibraryAndExitThread
FlushFileBuffers
InterlockedExchange
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryExA
LCMapStringW
GetACP
GetCommandLineW
GetCommandLineA
InterlockedCompareExchange
DelayLoadFailureHook
FreeLibrary
LoadLibraryW
GetLocaleInfoEx
GetProcAddress
SetEnvironmentVariableA
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
DecodePointer

user32

AppendMenuW
RemoveMenu
EnableWindow
SetFocus
LoadStringW
SetWindowTextW
SetMenuItemInfoW
GetClientRect
ShowWindow
GetWindowPlacement
LoadImageW
UnregisterClassA
FillRect
CheckMenuRadioItem
CreateWindowExW
MessageBeep
SystemParametersInfoW
DialogBoxParamW
MessageBoxA
GetSysColor
DrawMenuBar
GetClassLongW
SetClassLongW
GetParent

gdi32

CreateRectRgnIndirect
CreateRectRgn
CreateCompatibleBitmap
ExtCreatePen
MoveToEx
LineTo
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
CreateSolidBrush
GetRgnBox
GetDeviceCaps
CreateCompatibleDC
CreateFontIndirectW
GetTextExtentPointW
DeleteDC
DeleteObject
CreateDIBSection
EqualRgn

advapi32

EventWrite
EventRegister
EventUnregister

shell32

SHGetFolderPathW
ShellAboutW
ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

comctl32

ImageList_Destroy
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_Add
ImageList_Create
PropertySheetW

gdiplus

GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDrawImageRectI
GdipSetInterpolationMode
GdipSetPageUnit
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipCloneBrush
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipFillRectangleI
GdipDisposeImage
GdipDrawLineI
GdipDrawArcI

rpcrt4

UuidToStringW
RpcStringFreeW
I_UuidCreate
UuidCreate

uxtheme

IsThemeActive

version

GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW

winmm

timeGetTime

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

a22220de868c52c78803e2e507226f09

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

gdiplus

rpcrt4

uxtheme

version

winmm

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 458KB - Virtual size: 457KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 458KB - Virtual size: 457KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB