Resubmissions
12-10-2023 05:13
231012-fwnyfsbc37 8
Static task
static1
General
Target: Vega-X.exe_94341.zip
Size: 18.0MB
MD5: 4e87477c61f3d4f9754eaacf6547f92f
SHA1: ba8af7a3b8bd9375437731ca6d194d8c515400b9
SHA256: 4846b7e4be59731b16c65b191aeb11600a26c4228a354f3d2953629fac21912f
SHA512: 76ca2e124765a9fac87cb80a3acbfb4d6d010d0083df6f5536bdfae7803ff744313424b50bd23b3eae25fbf8f6df45c2d733fb10878021e09fdc4e4ae72ec3c6
SSDEEP: 393216:R1FlqDZX7yg3kqW2pfy+/HOY31CKwWSCtvwstWLqODthf:R1Fl4XGskqWwfy+/3kKwWSCBwstzODvf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/StartSetup_20221.exe
Files
Vega-X.exe_94341.zip.zip
StartSetup_20221.exe.exe windows:6 windows x86
74a67995a00368577571949e3dd9274c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibraryAndExitThread
CloseHandle
SleepEx
LCMapStringEx
CreateFileW
GetProcessAffinityMask
VerSetConditionMask
SetEvent
QueryPerformanceFrequency
FindFirstFileW
WriteFile
CreateDirectoryW
CreateSemaphoreA
GetFileAttributesW
Sleep
GetCurrentThreadId
IsDebuggerPresent
FindNextFileA
GetProcAddress
CreateDirectoryA
MoveFileW
GetStdHandle
GetLogicalDriveStringsW
FormatMessageA
IsValidCodePage
FindFirstFileA
ReleaseSemaphore
FileTimeToSystemTime
WaitForSingleObject
GetSystemWow64DirectoryW
GetModuleFileNameW
GetModuleHandleExW
GlobalAlloc
GetEnvironmentStringsW
SetPriorityClass
GetFileType
FreeLibrary
DeleteFileA
ExitProcess
GlobalUnlock
GetFileSizeEx
GetModuleHandleA
ExitThread
FindClose
GetCurrentProcessId
lstrcatA
ReadConsoleW
WaitForSingleObjectEx
GetFileAttributesExW
GetStringTypeW
GetEnvironmentVariableA
lstrcatW
HeapReAlloc
lstrlenA
GetDriveTypeW
VirtualAlloc
GetUserDefaultLCID
TlsAlloc
GetConsoleOutputCP
IsProcessorFeaturePresent
TerminateProcess
SetEndOfFile
ResetEvent
LeaveCriticalSection
HeapSize
GetLogicalDriveStringsA
SetFileAttributesA
SetLastError
FormatMessageW
TlsFree
InitializeSListHead
LoadLibraryExW
GetFileSize
GetCurrentThread
SetUnhandledExceptionFilter
VerifyVersionInfoW
DeleteFileW
EnumSystemLocalesW
CompareFileTime
ReleaseSRWLockExclusive
LoadLibraryW
CreateFileA
GetACP
GetSystemTimeAsFileTime
EncodePointer
SetFilePointerEx
LCMapStringW
GetSystemDirectoryW
lstrlenW
GetTimeFormatW
GetFileInformationByHandle
SetStdHandle
GetTickCount64
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsW
EnterCriticalSection
DecodePointer
GetCPInfo
GetModuleHandleW
RtlUnwind
DeleteCriticalSection
GetCommandLineW
MultiByteToWideChar
FlushFileBuffers
RemoveDirectoryW
SetEnvironmentVariableW
SetFileAttributesW
GetProcessHeap
GetModuleFileNameA
CompareStringW
AreFileApisANSI
SetFileTime
TlsSetValue
InitializeCriticalSectionAndSpinCount
PeekNamedPipe
LoadLibraryA
GlobalLock
FileTimeToLocalFileTime
SetFilePointer
GetOEMCP
GetFullPathNameW
InitializeCriticalSection
GetFileAttributesA
RemoveDirectoryA
GlobalMemoryStatus
InitializeCriticalSectionEx
CreateThread
HeapAlloc
GetLastError
GetLocaleInfoW
QueryPerformanceCounter
ReadFile
HeapFree
UnhandledExceptionFilter
LocalFree
IsValidLocale
GetCurrentDirectoryA
GetCommandLineA
RaiseException
GetVersionExA
WideCharToMultiByte
GetStartupInfoW
GetCurrentDirectoryW
WriteConsoleW
AcquireSRWLockExclusive
FindNextFileW
WaitForMultipleObjects
VirtualFree
GetSystemInfo
MoveFileExW
TlsGetValue
GetTimeZoneInformation
GlobalFree
CreateEventA
GetTickCount
FindFirstFileExW
MoveFileA
GetDateFormatW
GetCurrentProcess
GetConsoleMode
user32
SetWindowLongA
SetWindowTextA
CloseClipboard
MessageBoxA
OpenClipboard
SetCursor
ShowWindow
GetMonitorInfoA
LoadCursorA
CheckDlgButton
GetKeyState
CharUpperA
GetWindowTextW
MoveWindow
CharUpperW
SetClipboardData
MonitorFromWindow
EndDialog
LoadStringA
ScreenToClient
DialogBoxParamA
EnableWindow
GetWindowTextA
KillTimer
MapDialogRect
InvalidateRect
GetWindowTextLengthA
SetFocus
GetWindowRect
GetWindowLongA
SendMessageA
GetFocus
DialogBoxParamW
SendMessageW
MessageBoxW
SystemParametersInfoA
SetTimer
SetWindowTextW
GetWindowTextLengthW
wsprintfA
IsDlgButtonChecked
LoadStringW
GetParent
GetDlgItem
PostMessageA
EmptyClipboard
LoadIconA
advapi32
RegCreateKeyExW
CryptReleaseContext
CryptGetHashParam
RegCloseKey
CryptDestroyHash
CryptCreateHash
CryptEncrypt
RegOpenKeyExW
CryptAcquireContextW
CryptDestroyKey
RegSetValueExW
CryptHashData
CryptImportKey
shell32
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
CommandLineToArgvW
SHGetSpecialFolderPathW
ole32
CoUninitialize
CoCreateInstance
CoInitialize
OleInitialize
oleaut32
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
bcrypt
BCryptGenRandom
crypt32
CertGetCertificateChain
CryptDecodeObjectEx
CertCloseStore
CertGetNameStringW
CertAddCertificateContextToStore
CertFreeCertificateContext
PFXImportCertStore
CertFindCertificateInStore
CryptQueryObject
CertOpenStore
CertFreeCertificateChain
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CryptStringToBinaryW
CertEnumCertificatesInStore
CertFindExtension
wldap32
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord145
ord219
ord46
ord14
ord216
ord73
ord208
ord41
ord117
ord26
ord27
ws2_32
getpeername
sendto
recvfrom
getaddrinfo
socket
ioctlsocket
gethostname
getsockopt
send
WSAIoctl
WSAWaitForMultipleEvents
WSACreateEvent
WSAResetEvent
WSACloseEvent
WSAEventSelect
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
freeaddrinfo
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
WSAEnumNetworkEvents
Sections
.text Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 230KB - Virtual size: 230KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ