xp_activate32[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

xp_activate32.7z
Size

8KB
MD5

57603f5b65f5f984be8377de398cd7a1
SHA1

6a8066e5860db35965aceac15284021ad42389b7
SHA256

a807e3427183e8105c1fd5b5e2f81beff768736f8a36b29a89b0aeecee6a610f
SHA512

4163ed886c7158eb171a2c83d4b5f0714fc83afbf863f33e51fb3837f9ac24ba1b8fb9760c8fe7b99753668a28662d8e454ee2241f2e31d54d91322b3bc1641f
SSDEEP

192:AeDC0Lnpx97Js3JqfV+2LcDNE0dzkDYhPClzNpgM:AL0n97oUf5sW0diYhKlz5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xp_activate32.exe

Files

xp_activate32.7z
.7z
xp_activate32.exe
.exe windows:5 windows x86

03ba35b9f7fb6362197f366f7435907f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
ExitProcess

user32

SetDlgItemTextW
GetDlgItemTextW
EnableWindow
GetSystemMetrics
UpdateWindow
GetDlgItem
SendMessageW
LoadImageW
DestroyIcon
LoadStringW
EndDialog
MessageBoxW
DialogBoxParamW

msvcrt

memset
memcpy

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

comctl32

InitCommonControlsEx

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ