PAYLD_DECP[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

PAYLD_DECP.zip
Size

88KB
MD5

d8e1c73035e71f9e6b9703e12e02c205
SHA1

8da8a2d54d80747867b7b7ec5b9de7787dd7ca99
SHA256

15eb178d564162d76a0b515ee82cae5836ec8a48ffbad0e49b59a1f21c8d32fe
SHA512

eb33ba8f712565a940c9c066ad7e0a095bcf4f2dcee04f32599394671833521816f8f8a32dcf3ff2b31fd7dc3ab2b84bb3b1d8b9d0180b15bbed7fa50cb8fcc0
SSDEEP

1536:G7RfqOXiDiN60W1sYPEzUbnUpmxI3vw/oeZsFrg6ByVTw8QXULUJDNTKg54zJ287:ofqOXiDiN//YPZUpMI3SoeYrgOy5w8Qc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PAYLD_DECP.exe

Files

PAYLD_DECP.zip
.zip

Password: infected
PAYLD_DECP.exe
.exe windows:5 windows x86

dba00e249158a81d6b1e8f9d56027c10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
CreateDialogIndirectParamA
GetDesktopWindow
CharNextA
ReleaseDC
LoadImageA
GetDC
EndPaint
BeginPaint
DialogBoxIndirectParamA
CharLowerA
GetWindowLongA
wvsprintfA
SetWindowPos
FindWindowA
RedrawWindow
GetWindowTextA
EnableWindow
GetSystemMetrics
IsWindow
CheckRadioButton
UnregisterClassA
SetCursor
GetSysColorBrush
DialogBoxParamA
DestroyAcceleratorTable
DispatchMessageA
TranslateMessage
LoadIconA
EmptyClipboard
SetClipboardData
SetFocus
CharUpperA
OpenClipboard
IsDialogMessageA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RemoveMenu
InvalidateRect
ChildWindowFromPoint
PostMessageA
DestroyCursor
CreateDialogParamA
GetWindowRect
IsMenu
GetSubMenu
SetDlgItemInt
GetWindowPlacement
CharLowerBuffA
EnableMenuItem
CheckMenuRadioItem
GetSysColor
KillTimer
DestroyIcon
DestroyWindow
PostQuitMessage
GetClientRect
MoveWindow
GetSystemMenu
SetTimer
SetWindowPlacement
InsertMenuItemA
GetMenu
CheckMenuItem
SetMenuItemInfoA
SetActiveWindow
DefDlgProcA
RegisterClassA
EndDialog
SetDlgItemTextA
EnumClipboardFormats
GetClipboardData
CloseClipboard
GetClassInfoA
CallWindowProcA
SetWindowLongA
IsDlgButtonChecked
SetWindowTextA
CheckDlgButton
GetActiveWindow
MessageBoxA
wsprintfA
GetDlgItemTextA
SendMessageA
GetCursorPos
TrackPopupMenu
ClientToScreen
DestroyMenu
CreatePopupMenu
AppendMenuA
SendDlgItemMessageA
GetDlgItem
LoadCursorA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

gdi32

UnrealizeObject
CreateCompatibleDC
GetDeviceCaps
CreateHalftonePalette
CreatePalette
GetSystemPaletteEntries
GetDIBColorTable
SelectPalette
GetObjectA
GetStockObject
DeleteObject
SetBkMode
SetTextColor
CreateFontIndirectA
SelectObject
RealizePalette
BitBlt
DeleteDC

comctl32

ImageList_Remove
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_SetBkColor
CreateToolbarEx

kernel32

TlsAlloc
TlsGetValue
GetModuleHandleW
IsDebuggerPresent
InterlockedDecrement
InterlockedIncrement
AddAtomA
LockResource
LoadResource
FindResourceA
FindResourceExA
RemoveDirectoryA
FormatMessageA
SetEvent
OpenEventA
WaitForSingleObject
GetShortPathNameA
GetWindowsDirectoryA
CreateDirectoryA
SetLastError
CompareStringA
GetPrivateProfileStringA
GetUserDefaultLangID
GetAtomNameA
lstrlenW
GetPrivateProfileIntA
SetErrorMode
CompareStringW
lstrcatA
HeapAlloc
GetProcessHeap
HeapFree
TlsSetValue
Sleep
CreateThread
VirtualAlloc
VirtualFree
GetProcAddress
OpenProcess
IsBadStringPtrA
IsBadReadPtr
lstrcmpA
VirtualQuery
SetFilePointer
GetModuleFileNameA
GetSystemInfo
GetFileTime
GetFileSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetSystemTimeAsFileTime
GlobalReAlloc
FlushFileBuffers
DeviceIoControl
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
FlushViewOfFile
SetEndOfFile
LocalFree
SetProcessShutdownParameters
ExitProcess
DeleteFileA
GetLocalTime
TlsFree
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
RaiseException
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
ExitThread
ResumeThread
VirtualFreeEx
SetConsoleActiveScreenBuffer
LocalAlloc
ReadDirectoryChangesW
GetVersionExA
ReplaceFileA
IsDBCSLeadByteEx
GetPriorityClass
GetVersion
lstrlenA
lstrcpyA
lstrcpynA
GetFileAttributesA
FindClose
FindFirstFileA
ReadFile
GetTempFileNameA
GetTickCount
GetTempPathA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateProcess
OutputDebugStringA
ReadProcessMemory
GetCurrentDirectoryA
VirtualProtectEx
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetModuleHandleA
lstrcmpiA
RtlUnwind
GetStartupInfoA
GetCommandLineA
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapSize
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
WideCharToMultiByte
GetPrivateProfileStructA
WritePrivateProfileStructA
VirtualQueryEx
HeapReAlloc
FreeLibrary
LoadLibraryA
FindNextFileA
FileTimeToSystemTime
CopyFileA
SetFileAttributesA
TerminateThread
SetPriorityClass
GetCurrentProcess
GetLastError
WriteProcessMemory
SetCurrentDirectoryA

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

dba00e249158a81d6b1e8f9d56027c10

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

gdi32

comctl32

kernel32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 6KB - Virtual size: 33KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 6KB - Virtual size: 33KB

.rsrc
Size: 19KB - Virtual size: 18KB