testing_build[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

testing_build.zip
Size

368KB
MD5

17d738c5ab065e6ce1d8c424cfa197cd
SHA1

f71d33aca927c5e292feaa0b37b7272c9b0bb0e7
SHA256

728728241ce96c39aff2b19e0adfcb3f4e76ca85092f1f519a6461674d976a10
SHA512

dfd44cf23823b12bc4211141ee278063452ff1ad970e7e321f75f20a091c988eadacb2a7aacdceba2adc6351e06d66c0465c1f72ace8fa5da437fa6a116da90a
SSDEEP

6144:5RHCoLe+Ucfbn8ZeDgrcELB+luTSd7ynILGMGb+z0ddYBzW/bq+xwzwyGZRSrs:5koLe+UcdgrcE9VTpf/6gDySDq+6zwyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/testing build/build.dll
unpack001/testing build/injector.exe

Files

testing_build.zip
.zip
testing build/build.dll
.dll windows:6 windows x64

6b0595f93af26a3b312ad1481b262889

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
InitializeSListHead
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetSystemTimeAsFileTime

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
strchr
__std_exception_copy
memchr
_purecall
memcmp
memmove
memset
__std_terminate
_CxxThrowException
__C_specific_handler
memcpy
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_beginthreadex
_cexit
_initialize_narrow_environment
terminate
_execute_onexit_table
_initialize_onexit_table
_errno
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

api-ms-win-crt-convert-l1-1-0

strtoul
strtod
strtoull
atoi

api-ms-win-crt-string-l1-1-0

strncpy
isalpha
isupper
isgraph
toupper
strpbrk
iscntrl
strnlen
tolower
isdigit
islower
strncat
strcspn
strcmp
isspace
isxdigit
ispunct
isalnum

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vsprintf
fwrite

api-ms-win-crt-math-l1-1-0

cos
cosh
exp
floor
acos
asin
tanh
floorf
fmod
frexp
modf
log
log2
atan
ceil
_dsign
round
ldexp
pow
sin
sinh
sqrt
tan
atan2
log10

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-time-l1-1-0

_mkgmtime64
_gmtime64_s
_localtime64_s
strftime
_difftime64
_time64
clock

Sections

.text
Size: 353KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
testing build/injector.exe
.exe windows:6 windows x64

1461fe5c5b13e622ca51d330ff8602ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteProcessMemory
VirtualFree
GetCurrentProcess
GetStdHandle
VirtualAlloc
GetProcessId
OpenProcess
CreateToolhelp32Snapshot
Sleep
K32GetModuleFileNameExA
LoadLibraryA
Process32Next
CloseHandle
Process32First
VirtualAllocEx
GetCurrentProcessId
GetConsoleWindow
VirtualFreeEx
CreateDirectoryW
lstrlenA
CreateFileW
GetLastError
GetFileAttributesExW
DeleteFileW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
ReadFile
GetCurrentDirectoryW
LoadLibraryW
HeapSize
WriteConsoleW
SetEndOfFile
GetProcAddress
FlsFree
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
FormatMessageA
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
LocalFree
GetLocaleInfoEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
EncodePointer
DecodePointer
FlsAlloc
FlsGetValue
FlsSetValue
RtlUnwind
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
WriteFile
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
GetFileSizeEx
SetFilePointerEx
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale

user32

SetWindowsHookExA
ShowWindow
FindWindowA
GetWindowThreadProcessId
UnhookWindowsHookEx

ole32

StringFromGUID2

dbghelp

SymCleanup
SymFromName
SymInitializeW
SymLoadModuleExW
SymSetOptions

urlmon

URLDownloadToFileW

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b0595f93af26a3b312ad1481b262889

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

Sections

.text Size: 353KB - Virtual size: 353KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 7KB - Virtual size: 8KB

.pdata Size: 17KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

1461fe5c5b13e622ca51d330ff8602ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

dbghelp

urlmon

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 5KB - Virtual size: 12KB

.pdata Size: 12KB - Virtual size: 11KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 353KB - Virtual size: 353KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 7KB - Virtual size: 8KB

.pdata
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 5KB - Virtual size: 12KB

.pdata
Size: 12KB - Virtual size: 11KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB