NetFramework[.]4[.]0[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

NetFramework.4.0.7z
Size

1.9MB
MD5

416d2e0fe8f5a9f56a2c7b54d058a789
SHA1

84e31edfb450b84af1e72ad6c847132e29591659
SHA256

751320e2350b818ff4b4d78de56c379796bf61f1b9a4980c782831deb9a1275d
SHA512

b3af2a63c61599e28d3e40e8e7f0aae1350451d0ed0f01df102c7dd3fce09d379f5eb29075aee63b3922f83233196a3e69bc46678317591b210d4b56a4aca76e
SSDEEP

49152:I3L6CFGSGrWmX5POXXRl12xI1swiPCkuylaoQU:K1WX5mXXR1x1qBQU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Windows Driver Foundation (WDF).exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows Driver Foundation (WDF).exe
unpack001/Windows Driver Foundаtion (WDF).exe
unpack001/wudf.exe

Files

NetFramework.4.0.7z
.7z

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd
Windows Driver Foundation (WDF).exe
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows Driver Foundаtion (WDF).exe
.exe windows:10 windows x64

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd

fbb1e8290f0b168cec3d026f11d7e449

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-crt-l1-1-0

wcsrchr
wcscat_s
_vsnprintf_s
wcsstr
wcsncpy_s
wcscpy_s
__C_specific_handler
_vsnwprintf_s
_wcsicmp
memcpy
memset
wcstoul
_wcsnicmp
wcsncmp

api-ms-win-core-crt-l2-1-0

__wgetmainargs
_purecall
exit
_initterm_e
_initterm
__dllonexit3
_onexit

ntdll

RtlInitUnicodeString
DbgPrintEx
RtlSetIoCompletionCallback
VerSetConditionMask
RtlVerifyVersionInfo
NtQueryInformationFile
RtlNtStatusToDosError
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
NtSetInformationFile

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceLoggerHandle
GetTraceEnableLevel
UnregisterTraceGuids

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TlsGetValue
TerminateProcess
CreateThread
TlsFree
GetCurrentThread
TlsAlloc
GetCurrentThreadId
TlsSetValue
GetCurrentProcessId

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-sysinfo-l1-2-0

GetOsSafeBootMode

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl
EventUnregister
EventWriteTransfer
EventSetInformation
EventRegister

api-ms-win-core-heap-l1-1-0

HeapSetInformation
GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetTickCount

api-ms-win-core-com-l1-1-0

CoInitializeEx
CoUninitialize
CLSIDFromString

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
ReleaseSRWLockExclusive
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
CreateEventW
EnterCriticalSection
SetEvent
AcquireSRWLockExclusive
WaitForSingleObject
WaitForMultipleObjectsEx

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
SetEnvironmentVariableW

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryExW
LoadLibraryExA

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWait
SetThreadpoolThreadMinimum
CreateThreadpoolCleanupGroup
CloseThreadpool
WaitForThreadpoolWaitCallbacks
CloseThreadpoolWait
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CreateThreadpool
SetThreadpoolThreadMaximum
SetThreadpoolWait

api-ms-win-core-file-l1-1-0

ReadFile
CreateFileW
GetFileSizeEx
WriteFile
FlushFileBuffers

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
VirtualProtect
VirtualQuery

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-namedpipe-l1-1-0

WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-io-l1-1-0

GetOverlappedResult
DeviceIoControl

api-ms-win-security-base-l1-1-0

RevertToSelf

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

wudfplatform

WudfWaitForDebugger
WudfDebugBreakPoint
WudfIsUserDebuggerPresent
GetAndInitializePlatformObject
InitializePlatformLibrary
WdfGetLpcInterface
SetPlatformErrorReportingCallbacks
ShutdownPlatformLibrary
WudfIsKernelDebuggerPresent

Exports

Exports

Microsoft_WDF_UMDF_Version

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wtime.cmd
wudf.exe
.exe windows:4 windows x64

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.1MB

UPX1 Size: 1.7MB - Virtual size: 1.7MB

UPX2 Size: 512B - Virtual size: 4KB

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd

fbb1e8290f0b168cec3d026f11d7e449

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-crt-l1-1-0

api-ms-win-core-crt-l2-1-0

ntdll

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-memory-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

wudfplatform

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 4KB - Virtual size: 3KB

.pdata Size: 12KB - Virtual size: 8KB

.didat Size: 4KB - Virtual size: 272B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

Password: Gkjkjg7655ngdfJckjhfjhd789gdfhDGDFsfdgfd

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 4.1MB

UPX1
Size: 1.7MB - Virtual size: 1.7MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 4KB - Virtual size: 3KB

.pdata
Size: 12KB - Virtual size: 8KB

.didat
Size: 4KB - Virtual size: 272B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB