35bb857b73b6a375c072c5cc27ae64d98c150bafcfd2107c616f712788ec0432[.]zip

Resubmissions

20-11-2023 09:36

231120-lk9zfaeh96 3

20-11-2023 09:31

231120-lhklrseh92 3

Sharing

Copy URL

Twitter E-mail

General

Target

35bb857b73b6a375c072c5cc27ae64d98c150bafcfd2107c616f712788ec0432.zip
Size

15.0MB
MD5

ae80504a93447d264983c6772550c039
SHA1

18c394efa9543897c902f115d517cb14b611ecf9
SHA256

1789f1d081bedcb5b5c3b78e4d5c87de422593e306fce325dad5bd1dff05aec1
SHA512

c3a61e5ee5feefb0f51ecd5d0834e600ba135584aea41c1243e6a69f60e1ed9436aa569cf814ea7ded136cc441af9414acd4f8f0c657dcdd82f92466e0614b60
SSDEEP

393216:nFoQlsXnks31GRTOuCk4fnnRnxrG4QSl8VBdzZzH8ZkX:nFCXnZ3BPTfnnBCSl8VN8kX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/35bb857b73b6a375c072c5cc27ae64d98c150bafcfd2107c616f712788ec0432

Files

35bb857b73b6a375c072c5cc27ae64d98c150bafcfd2107c616f712788ec0432.zip
.zip

Password: threatbook
35bb857b73b6a375c072c5cc27ae64d98c150bafcfd2107c616f712788ec0432
.exe windows:4 windows x86 arch:x86

Password: threatbook

a5fd8a734d43661c99ac5511e6506c89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
InterlockedExchange
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetTickCount
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
lstrcmpA
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
lstrcpynA
FormatMessageA
LocalFree
GetModuleFileNameA
MultiByteToWideChar
InterlockedIncrement
FreeLibrary
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrlenA
lstrcatA
LoadLibraryA
GetProcAddress
Sleep
WideCharToMultiByte
SetLastError
CloseHandle
GetLastError
SetUnhandledExceptionFilter
InterlockedDecrement

user32

MessageBeep
CharUpperA
GetDCEx
LockWindowUpdate
SetCapture
RegisterClipboardFormatA
SetParent
PostThreadMessageA
InsertMenuA
SetRect
WindowFromPoint
KillTimer
SetTimer
LoadStringA
GetSysColorBrush
LoadCursorA
PtInRect
GetClassNameA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
IsZoomed
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
BringWindowToTop
InvalidateRect
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetMenuCheckMarkDimensions
LoadBitmapA
GetNextDlgGroupItem
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetMenuStringA
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
SendMessageA
EnableWindow
UpdateWindow
GetClientRect
GetSubMenu
LoadMenuA
wsprintfA
IsWindowEnabled
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
CopyAcceleratorTableA
CharNextA
DestroyIcon
DeleteMenu
GetMenuState
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetDlgItem
GetWindowLongA
GetParent
DestroyWindow
CreateDialogIndirectParamA
GetSystemMetrics
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetSysColor
UnpackDDElParam

gdi32

Escape
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectA
DPtoLP
ExtTextOutA
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
TextOutA
RectVisible
PtVisible
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateRectRgn
DeleteObject
GetTextExtentPoint32A
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetFileSecurityA
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegQueryValueA
SetFileSecurityA
RegDeleteValueA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
CoInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantInit
VariantCopy
SysFreeString
SysAllocString
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo
VariantClear

wininet

FtpGetFileSize
InternetCrackUrlA
InternetOpenA
InternetConnectA
FtpOpenFileA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17.3MB - Virtual size: 17.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: threatbook

Password: threatbook

a5fd8a734d43661c99ac5511e6506c89

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 264KB - Virtual size: 261KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 24KB - Virtual size: 36KB

.rsrc Size: 17.3MB - Virtual size: 17.3MB

.text
Size: 264KB - Virtual size: 261KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 24KB - Virtual size: 36KB

.rsrc
Size: 17.3MB - Virtual size: 17.3MB