PakScape[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PakScape.exe
Size

195KB
MD5

0ccde4c6cd8a0e217b8ac23c4628fbe3
SHA1

a255e84964bc2fbe6b43718d60942aaa93fc5c34
SHA256

c0e657c87c511ab6d4f9a6ac96af715271a9e322c380ddeb56820385a0566fe1
SHA512

e26a231de9db23f3fb1ad12d35922d3b55e7176f6845c134ba6da2c9951e89098367707c54c02917f2d74bc0539dc24beff430319f04c3bbb04f35850e5f6874
SSDEEP

3072:cCP1H+FzFYpMQTnk05xM//licgsqBuoKjjzf8iC71lfFeOTgRI:cmQApMQTk0XM//licgsqBuvzffCpltv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PakScape.exe

Files

PakScape.exe
.exe windows:4 windows x86

97f6475c185e08cb0d25974e9322f5c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPrepareHeader
waveOutOpen
waveOutWrite
waveOutClose
waveOutReset

kernel32

Sleep
CloseHandle
FormatMessageA
GetTempFileNameA
WaitForMultipleObjects
GlobalAlloc
GlobalUnlock
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc
WaitForSingleObject
CreateThread
GetUserDefaultLCID
SetLocaleInfoA
GetTempPathA
CreateMutexA
GetLastError
ReleaseMutex
GlobalAddAtomA
GlobalDeleteAtom
GlobalGetAtomNameA
GetNumberFormatA
GetTickCount
GlobalLock
GlobalFree
DosDateTimeToFileTime
GetProcAddress
GetFullPathNameA
GetFileType
GetCurrentDirectoryA
SetHandleCount
SetFilePointer
GetStdHandle
WriteFile
FlushFileBuffers
ReadFile
VirtualFree
HeapCreate
VirtualAlloc
LCMapStringW
LCMapStringA
HeapDestroy
MultiByteToWideChar
GetVersion
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetSystemTime
GetTimeZoneInformation
GetLocalTime
FindNextFileA
MoveFileA
CreateDirectoryA
GetCurrentProcess
TerminateProcess
DeleteFileA
FindFirstFileA
GetDriveTypeA
ExitProcess
FileTimeToSystemTime
FindClose
FileTimeToLocalFileTime
HeapAlloc
HeapFree
GetFileAttributesA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetModuleFileNameA
GetEnvironmentStringsW
GetCPInfo
GetEnvironmentStrings
GetOEMCP
UnhandledExceptionFilter
GetACP
SetStdHandle
CreateFileA
LoadLibraryA
SetEndOfFile
RtlUnwind
GetStringTypeA

user32

CopyRect
LockWindowUpdate
GetDCEx
GetDesktopWindow
InvalidateRect
MapWindowPoints
UnionRect
BeginPaint
SetParent
PeekMessageA
SetRect
GetClassInfoExA
LoadCursorA
EndPaint
GetCapture
SetCursor
GetCursorPos
SetWindowPos
GetWindowRect
DialogBoxParamA
DestroyIcon
UpdateWindow
MessageBoxA
GetFocus
RedrawWindow
DrawEdge
ReleaseCapture
ValidateRect
SetCapture
GetDlgItemTextA
CreateDialogParamA
ReleaseDC
GetSystemMetrics
InsertMenuItemA
IsMenu
LoadAcceleratorsA
RegisterClipboardFormatA
LoadMenuA
FillRect
GetDC
RegisterClassExA
WindowFromPoint
GetClassLongA
GetDlgItem
GetClientRect
ScreenToClient
GetScrollInfo
GetWindowLongA
GetParent
SendMessageA
EndDialog
DispatchMessageA
GetMessageA
TranslateMessage
FindWindowA
TranslateMDISysAccel
TranslateAcceleratorA
DefWindowProcA
IsIconic
SetForegroundWindow
PostQuitMessage
CheckMenuItem
IsWindowVisible
GetWindowPlacement
GetWindow
DefFrameProcA
IsClipboardFormatAvailable
CreateMDIWindowA
DestroyWindow
DrawTextA
GetClassNameA
GetSysColor
LoadStringA
LoadIconA
CallWindowProcA
SetFocus
PostMessageA
GetWindowTextA
SetWindowTextA
EnumChildWindows
ShowWindow
DefMDIChildProcA
CreateWindowExA
MoveWindow
GetSubMenu
EnableMenuItem
CheckMenuRadioItem
SetDlgItemTextA
DrawMenuBar
SetWindowLongA
SetMenuItemInfoA
GetMenuItemCount
SystemParametersInfoA

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
RestoreDC
Polyline
CreatePen
GetTextExtentPoint32A
CreateRectRgnIndirect
SaveDC
PatBlt
CreatePatternBrush
CreateBitmap
CreateSolidBrush
DeleteObject
DeleteDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHChangeNotify
ShellExecuteExA
SHGetMalloc
DragQueryFileA
SHGetFileInfoA

ole32

DoDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleInitialize
RevokeDragDrop
OleUninitialize
OleSetClipboard
ReleaseStgMedium

comctl32

ord17
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Draw
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_SetBkColor
ord6

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f6475c185e08cb0d25974e9322f5c9

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 22KB - Virtual size: 95KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 22KB - Virtual size: 95KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 20KB - Virtual size: 19KB