a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545.zip
Size

478KB
MD5

6a5e0d488d066af18e5c59d49b9b92ae
SHA1

b4549feb6ab638d990706291be888d5d70292524
SHA256

86a66c197c0b4719ca7b45d9e79b61355a3ad31d9c0f80b0883c1fe70f2728d7
SHA512

268d2a50c8c88d0e2a623d017327b4b17a72ae0fd3158e04575b1f279cd7edd48861c4242aeb8ff0936864d647ef5802bfe4e26c9c5104086e441d28856e6784
SSDEEP

12288:2NixfEabay3ADRX/8LhDFfx3sXyvtrwtIqK96W5j:eiVE28RXULdFfqXewab96W1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545

Files

a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545.zip
.zip

Password: threatbook
a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545
.exe windows:4 windows x86

Password: threatbook

f932d12798f7f6949568c59b34986bcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
TerminateThread
CreateEventA
WaitForSingleObject
SetEvent
GetDriveTypeA
DeviceIoControl
ResetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
OpenFile
VirtualLock
VirtualProtect
GetSystemTimeAsFileTime
SetEnvironmentVariableW
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeLibrary
LoadLibraryA
GetProcAddress
FindResourceA
ExitProcess
LocalFree
SetEndOfFile
CreateFileA
SetStdHandle
SetEnvironmentVariableA
LoadResource
LockResource
VirtualAlloc
GetModuleHandleA
GetCommandLineA
SetThreadPriority
SetConsoleTitleA
AllocConsole
GetModuleFileNameA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
FindFirstFileA
FindClose
FindNextFileA
GetFileAttributesA
DeleteFileA
SetFileAttributesA
CopyFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
Sleep
MulDiv
InterlockedDecrement
MultiByteToWideChar
CreateProcessA
CloseHandle
CreatePipe
GetLastError
ReadFile
WriteFile
PeekNamedPipe
GetCurrentThreadId
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
GetVersion
InterlockedIncrement
RtlUnwind
TerminateProcess
GetCurrentProcess
IsBadReadPtr
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW

user32

SetCapture
RegisterClassA
LoadIconA
IsIconic
PostThreadMessageA
SetWindowLongA
DialogBoxParamA
SendDlgItemMessageA
SetForegroundWindow
GetDlgItem
GetWindowTextA
SetTimer
EndDialog
ChangeDisplaySettingsA
ReleaseDC
CreatePopupMenu
EnableWindow
MoveWindow
LoadCursorA
SetCursor
BeginPaint
DrawEdge
EndPaint
ReleaseCapture
FillRect
InvalidateRect
ShowWindow
SetWindowTextA
SetActiveWindow
SetMenu
DestroyMenu
GetMenu
AdjustWindowRect
CreateMenu
CharLowerBuffA
AppendMenuA
PostMessageA
DestroyWindow
GetScrollInfo
SetScrollPos
IsWindowEnabled
SetScrollInfo
GetFocus
GetScrollPos
CallWindowProcA
CreateWindowExA
GetClientRect
GetDesktopWindow
ClientToScreen
SetCursorPos
GetCursorPos
ValidateRect
DefWindowProcA
GetWindowRect
GetDC
SendMessageA
SetFocus
PeekMessageA
MsgWaitForMultipleObjects
GetWindowLongA
GetParent
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
MessageBoxA
KillTimer
UnregisterClassA
GetForegroundWindow

opengl32

wglDeleteContext
wglCreateContext
wglShareLists
glVertex2i
glBegin
wglGetProcAddress
wglMakeCurrent
glBindTexture
glCallLists
glRasterPos2i
glListBase
glEnd
glDisable
glScissor
glTexEnvi
glReadPixels
glDrawPixels
glTexParameteri
glTexImage2D
glGenTextures
glDeleteTextures
glEnable
glViewport
glMatrixMode
glLoadIdentity
glOrtho
glAlphaFunc
glColor3ub
glPixelMapfv
glDeleteLists
glGenLists
wglUseFontBitmapsA
glTexCoord2f

wsock32

ntohs
WSAStartup
listen
ioctlsocket
connect
getsockname
closesocket
setsockopt
recvfrom
inet_ntoa
select
sendto
htons
htonl
ntohl
WSACleanup
WSAGetLastError
inet_addr
__WSAFDIsSet
getpeername
recv
send
accept
gethostbyname
bind
socket

winmm

waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInGetDevCapsA
waveInGetNumDevs
waveInStart
waveInOpen
waveInClose
waveInReset
waveOutOpen
timeEndPeriod
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerSetControlDetails
mixerOpen
mixerGetNumDevs
mixerClose
waveOutGetNumDevs
mciSendCommandA
mciGetErrorStringA
waveOutGetDevCapsA
timeBeginPeriod
timeKillEvent
timeSetEvent
timeGetTime

comctl32

ImageList_Create
ImageList_Destroy
_TrackMouseEvent
InitCommonControlsEx
ImageList_AddMasked

gdi32

SelectObject
GetTextExtentPoint32A
CreateCompatibleDC
DeleteDC
GetStockObject
GetTextMetricsA
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
BitBlt
StretchBlt
ExtTextOutA
SetTextColor
SetBkMode
SetPixelFormat
ChoosePixelFormat
SwapBuffers
GetTextFaceA
DeleteObject
AddFontResourceA
CreateFontA
GetDeviceCaps
CreateFontIndirectA
Ellipse
Rectangle
Polyline
CreatePen
CreateDIBSection

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

ole32

OleSetContainedObject
OleCreate
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString

oleaut32

VariantChangeType
SysFreeString
SysAllocString
VariantCopy
VariantClear
VariantInit

advapi32

RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA

msacm32

acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader

Exports

Exports

_bbWinMain@0
runtimeGetRuntime

Sections

.text
Size: 536KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: threatbook

Password: threatbook

f932d12798f7f6949568c59b34986bcb

Headers

File Characteristics

Imports

kernel32

user32

opengl32

wsock32

winmm

comctl32

gdi32

comdlg32

shell32

ole32

oleaut32

advapi32

msacm32

Exports

Exports

Sections

.text Size: 536KB - Virtual size: 533KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 120KB - Virtual size: 416KB

.rsrc Size: 504KB - Virtual size: 503KB

.reloc Size: 56KB - Virtual size: 80KB

.text
Size: 536KB - Virtual size: 533KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 120KB - Virtual size: 416KB

.rsrc
Size: 504KB - Virtual size: 503KB

.reloc
Size: 56KB - Virtual size: 80KB