Static task
static1
General
Target: III.VC.SA.WindowedMode.zip
Size: 168KB
MD5: 961259ce8b1de39852a60c52ea52e160
SHA1: 7a634b07b14b91f34a74f2835ae625e62b658766
SHA256: 303916d908244db52a38594a9c9dbd0e2b9741416040d2f2357d0db90d20fd0d
SHA512: 9ec3052a15fd17990308f8844273acf58f188aa9a050531acf0edd016deab2c3d6984861434e3495296e243f262f3a5d90b37d24783fe65221bf19118fa5e9a4
SSDEEP: 3072:hQPYGN4VzhtaK8Dzax6GHafKxBAa79mM5Pl0oC9afp7zLVTG8tb:hQPBN4VlR6uqg9RPWhYFLhbb
Malware Config
Signatures
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource: unpack001/III.VC.SA.CoordsManager.exe
resource: unpack001/III.VC.SA.WindowedMode.asi
Files
-
III.VC.SA.WindowedMode.zip.zip
-
III.VC.SA.CoordsManager.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 153KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
III.VC.SA.WindowedMode.asi.dll windows:6 windows x86
0f7f7c66914a7329883fcbdcfd4f4595
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
TerminateProcess
VirtualProtect
GetModuleHandleA
GetTickCount
GetModuleFileNameA
GetModuleHandleExA
WritePrivateProfileStringA
SetEndOfFile
HeapSize
WriteConsoleW
CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapReAlloc
SetFilePointerEx
ReadConsoleW
ReadFile
GetConsoleMode
GetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapFree
GetACP
HeapAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
user32
MonitorFromWindow
EnumWindows
GetDesktopWindow
SetWindowLongW
GetWindowLongW
ScreenToClient
GetCursorPos
ShowCursor
AdjustWindowRectEx
GetWindowRect
GetMonitorInfoW
GetWindowTextA
SetWindowTextA
SetForegroundWindow
GetForegroundWindow
AppendMenuA
CreateMenu
SetMenu
GetMenu
GetKeyState
SetWindowPos
CallWindowProcW
SendMessageW
GetClientRect
shell32
ShellExecuteExA
Sections
.text Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ