suf_rt[.]exe[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

suf_rt.exe.zip
Size

1.2MB
MD5

2301830ce244a4eb79e5ec5e2de33aed
SHA1

fae8705ea81f34ef62c64d186a0a16f7cfb5cba1
SHA256

98e4e63409520eb4ee3b13c4055b7cd9030226048527a2f395c6dad8f324e385
SHA512

dfb6ae44948b31e429b58a951f550944290a49e2d0e6db2174d9078cbdb4e960458312e1fa3556dd3c1e142639eb4c319a95df62f0a80e56133e769af70c258a
SSDEEP

24576:q366ktJsvdFFvSyldUMsnMUODTMeuXeaqgjkfESI4bINZ6J9Q1h:qKFJsvdFFvSyl1snvODTMD3qkZpee1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e09af83cfccf4bcc8a51fda76e5fa10e9d0d838aededb6f339551f8363797dc2

Files

suf_rt.exe.zip
.zip

Password: infected
e09af83cfccf4bcc8a51fda76e5fa10e9d0d838aededb6f339551f8363797dc2
.exe windows:5 windows x86 arch:x86

Password: infected

eba6ea3eb54d77d517181e99ff8c9533

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoA
VerQueryValueA

wininet

HttpAddRequestHeadersA
InternetWriteFile
HttpSendRequestExW
HttpEndRequestW

kernel32

GlobalFlags
WritePrivateProfileStringW
FlushFileBuffers
SetEndOfFile
SetErrorMode
GetSystemDirectoryW
GetStartupInfoW
HeapAlloc
RaiseException
RtlUnwind
HeapReAlloc
ExitProcess
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetConsoleOutputCP
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
lstrlenA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetCurrentThreadId
FreeResource
GlobalLock
GlobalUnlock
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetCurrentThread
GetProcessAffinityMask
SetProcessAffinityMask
GetSystemInfo
CancelIo
GetSystemDirectoryA
lstrcmpiA
GetDiskFreeSpaceA
LocalAlloc
LocalFree
ReadFile
CreateEventA
WriteConsoleA
SetFilePointer
CreateDirectoryA
GetTempPathA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
RemoveDirectoryA
GetComputerNameA
CreateFileA
DeviceIoControl
GetCurrentDirectoryA
GetModuleFileNameA
CreateMutexA
GetLocalTime
ReleaseMutex
DeleteFileA
GetVersionExA
LoadLibraryA
SetCurrentDirectoryA
GetSystemWindowsDirectoryA
GetFileAttributesA
GetCurrentProcessId
GetProcessHeap
HeapFree
WriteFile
CreateFileW
SetThreadAffinityMask
ResetEvent
QueueUserAPC
WaitForSingleObjectEx
GlobalMemoryStatus
GetTempPathW
GetFileAttributesW
GetSystemWindowsDirectoryW
GetVersionExW
WinExec
lstrlenW
lstrcatW
lstrcpyW
WriteConsoleW
ExitThread
GetStdHandle
GetPriorityClass
MulDiv
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
CloseHandle
InterlockedDecrement
FreeLibrary
SetLastError
LoadLibraryW
GetLastError
GetProcAddress
GetModuleHandleW
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalFree
Sleep
ResumeThread
SetThreadPriority
SetPriorityClass
GetCurrentProcess
CreateEventW
WaitForSingleObject
SetEvent
CreateThread
SetCurrentDirectoryW
GetComputerNameW
GetCurrentDirectoryW
LockResource
SizeofResource
LoadResource
FindResourceW
SetUnhandledExceptionFilter

user32

LoadCursorW
GetSysColorBrush
UnregisterClassW
DestroyMenu
PostQuitMessage
LoadIconW
SendDlgItemMessageA
WinHelpW
GetClassLongW
GetClassNameW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetScrollInfo
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetWindowsHookExW
CallNextHookEx
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDesktopWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
BeginPaint
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetLastActivePopup
SetPropW
GetCapture
GetActiveWindow
SetActiveWindow
SetWindowPos
ShowWindow
GetPropW
RemovePropW
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMessageW
GetMenuItemCount
GetSubMenu
UnhookWindowsHookEx
wsprintfA
ModifyMenuW
WindowFromPoint
PostMessageW
ReleaseCapture
DrawEdge
FrameRect
DrawFrameControl
FillRect
CheckMenuItem
EnableMenuItem
AppendMenuW
ClientToScreen
CreatePopupMenu
CreateCursor
SetCursor
DestroyCursor
UpdateWindow
SetRect
OffsetRect
DrawIcon
GetSystemMetrics
IsIconic
MessageBoxW
wsprintfW
InflateRect
DrawFocusRect
GetSysColor
IsRectEmpty
CopyRect
GetParent
PtInRect
DestroyIcon
SetWindowLongW
GetWindowLongW
LoadImageW
ReleaseDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClientRect
GetDC
GetWindowDC
KillTimer
SetTimer
InvalidateRect
EnableWindow
GetWindowRect
SetForegroundWindow
LoadBitmapW
SendMessageW
RegisterWindowMessageW
EndPaint

gdi32

CreatePen
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
MoveToEx
LineTo
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
SelectObject
CreateSolidBrush
SetPixel
GetCurrentObject
CreateFontIndirectW
GetPixel
CreateBitmap
CreateFontW
GetTextExtentPoint32W
GetDIBits
RealizePalette
SelectPalette
GetObjectW
GetStockObject
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
DeleteObject

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
RevertToSelf
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegQueryValueExA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
RegCloseKey
RegQueryValueW
RegOpenKeyExW
FreeSid
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
RegOpenKeyExA

shell32

ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CoTaskMemFree
CoInitializeSecurity
CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitializeEx
CoInitialize
CoSetProxyBlanket

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetVartype

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

eba6ea3eb54d77d517181e99ff8c9533

Headers

DLL Characteristics

File Characteristics

Imports

winmm

version

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 272KB - Virtual size: 272KB

.data Size: 128KB - Virtual size: 150KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 272KB - Virtual size: 272KB

.data
Size: 128KB - Virtual size: 150KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB