File-Beat[.]Banger[.]v3[.]3[.]0[.]Uncensored-752414[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

File-Beat.Banger.v3.3.0.Uncensored-752414.zip
Size

20.8MB
MD5

2760707a17a2638bf1967cff2f4350f6
SHA1

7306475398a50260a3e048b2294aca4e9073bafa
SHA256

a9cba3981b5babef5953d941df590076519d5de4c3474f3d1eef4a888071b400
SHA512

c55c4689fb21d4cebba23cf12ecac6723944fc1085d1396fe2c127bbae3cab3c252dabf262149e3d0a7e40d000effdbd5944a2dcc66126fabe149e7cdabd9bf1
SSDEEP

393216:BfwRz7xWnuk/TWZfPCQdQbst+nAlFZhtLH/22ggCb0jIUOwUHdj:B0z7xNk/TWZaIQbPnAxjLHEPKtg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ProInstaller_0001.exe

Files

File-Beat.Banger.v3.3.0.Uncensored-752414.zip
.zip

Password: ok
ProInstaller_0001.exe
.exe windows:6 windows x86 arch:x86

Password: ok

ab7917c1f116757b304c7d1ea164ac40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
GetFileAttributesA
CloseHandle
CompareStringW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
GetFileAttributesExW
InitializeCriticalSectionEx
GetModuleHandleExW
GetSystemWow64DirectoryW
FormatMessageA
GetCurrentDirectoryA
WideCharToMultiByte
EncodePointer
FindFirstFileExW
ExitThread
WriteConsoleW
UnhandledExceptionFilter
LoadLibraryExW
TlsGetValue
WaitForMultipleObjects
IsDebuggerPresent
IsValidCodePage
lstrlenA
FindFirstFileA
GetCurrentThreadId
GetCommandLineW
GetCurrentThread
GetLogicalDriveStringsW
GetLastError
GetSystemTimeAsFileTime
CreateFileA
SetFilePointer
GlobalUnlock
CreateSemaphoreA
FreeEnvironmentStringsW
EnumSystemLocalesW
GetProcessHeap
SetEndOfFile
MoveFileExW
GetProcessAffinityMask
GetConsoleMode
CreateThread
DeleteFileW
GetStringTypeW
GetDateFormatW
HeapAlloc
IsProcessorFeaturePresent
FindFirstFileW
GetStartupInfoW
IsValidLocale
GetConsoleOutputCP
GetFileType
CreateDirectoryW
GetFileInformationByHandle
VirtualAlloc
GlobalFree
GetFileSize
FileTimeToLocalFileTime
RtlUnwind
LoadLibraryA
RemoveDirectoryA
AreFileApisANSI
DeleteFileA
SetFileAttributesW
DeleteCriticalSection
SystemTimeToTzSpecificLocalTime
MultiByteToWideChar
FlushFileBuffers
TerminateProcess
GetACP
SetFileAttributesA
GetModuleFileNameW
VerSetConditionMask
GlobalAlloc
GetCurrentProcess
MoveFileW
SetFilePointerEx
FindClose
LoadLibraryW
GetEnvironmentVariableA
lstrcatW
LCMapStringEx
GetFileAttributesW
GetModuleFileNameA
GetProcAddress
lstrlenW
PeekNamedPipe
InitializeSListHead
GetCPInfo
GetModuleHandleA
LocalFree
CompareFileTime
GetTimeZoneInformation
SetLastError
VirtualFree
TlsFree
EnterCriticalSection
GetLogicalDriveStringsA
SetEvent
GlobalMemoryStatus
TlsSetValue
GetSystemDirectoryW
DecodePointer
GetDriveTypeW
GetVersionExA
HeapSize
FreeLibraryAndExitThread
HeapFree
SleepEx
QueryPerformanceFrequency
GlobalLock
GetCurrentProcessId
WriteFile
GetUserDefaultLCID
SetStdHandle
GetLocaleInfoW
GetStdHandle
RemoveDirectoryW
ResetEvent
CreateDirectoryA
ReadConsoleW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetFileSizeEx
LeaveCriticalSection
FreeLibrary
SetFileTime
FindNextFileW
lstrcatA
SetEnvironmentVariableW
GetTickCount64
GetOEMCP
ExitProcess
InitializeCriticalSection
ReadFile
CreateFileW
GetCurrentDirectoryW
HeapReAlloc
FindNextFileA
VerifyVersionInfoW
TlsAlloc
QueryPerformanceCounter
GetSystemInfo
FormatMessageW
ReleaseSRWLockExclusive
ReleaseSemaphore
RaiseException
GetTickCount
FileTimeToSystemTime
LCMapStringW
GetModuleHandleW
Sleep
AcquireSRWLockExclusive
CreateEventA
GetFullPathNameW
MoveFileA
WaitForSingleObject
GetTimeFormatW
SetPriorityClass

user32

GetWindowTextW
PostMessageA
MapDialogRect
GetWindowTextLengthW
SetWindowLongA
CharUpperA
EnableWindow
LoadStringA
MonitorFromWindow
GetWindowTextLengthA
DialogBoxParamA
GetMonitorInfoA
GetDlgItem
GetKeyState
SetClipboardData
SystemParametersInfoA
GetWindowRect
LoadCursorA
GetFocus
LoadIconA
SetTimer
CharUpperW
MoveWindow
SetWindowTextW
ShowWindow
SendMessageW
MessageBoxW
InvalidateRect
KillTimer
SetFocus
SetWindowTextA
CheckDlgButton
EmptyClipboard
ScreenToClient
GetWindowTextA
OpenClipboard
SetCursor
EndDialog
SendMessageA
wsprintfA
MessageBoxA
CloseClipboard
IsDlgButtonChecked
GetWindowLongA
GetParent
DialogBoxParamW
LoadStringW

advapi32

CryptGetHashParam
RegSetValueExW
CryptEncrypt
RegCloseKey
CryptDestroyHash
RegOpenKeyExW
CryptDestroyKey
RegCreateKeyExW
CryptReleaseContext
CryptImportKey
CryptAcquireContextW
CryptHashData
CryptCreateHash

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHGetSpecialFolderPathW
SHGetMalloc
CommandLineToArgvW

ole32

CoUninitialize
OleInitialize
CoInitialize
CoCreateInstance

oleaut32

VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

bcrypt

BCryptGenRandom

crypt32

CertFindExtension
CertFreeCertificateContext
CryptQueryObject
CertFreeCertificateChain
CertEnumCertificatesInStore
CertCloseStore
CertGetNameStringW
CertGetCertificateChain
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CertFindCertificateInStore
CryptStringToBinaryW
CertCreateCertificateChainEngine
CertOpenStore
PFXImportCertStore
CryptDecodeObjectEx

wldap32

ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord145
ord219
ord46
ord14
ord216
ord73
ord208
ord41
ord117
ord26
ord27

ws2_32

getpeername
sendto
recvfrom
WSAWaitForMultipleEvents
socket
ioctlsocket
gethostname
getsockopt
send
WSACloseEvent
getaddrinfo
WSAEventSelect
freeaddrinfo
WSAIoctl
WSACreateEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
WSAEnumNetworkEvents
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
WSAResetEvent

Sections

.text
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: ok

Password: ok

ab7917c1f116757b304c7d1ea164ac40

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

bcrypt

crypt32

wldap32

ws2_32

Sections

.text Size: 6.4MB - Virtual size: 6.4MB

.rdata Size: 229KB - Virtual size: 229KB

.data Size: 8KB - Virtual size: 28KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 78KB - Virtual size: 78KB

.text
Size: 6.4MB - Virtual size: 6.4MB

.rdata
Size: 229KB - Virtual size: 229KB

.data
Size: 8KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 78KB - Virtual size: 78KB