Static task: static1
Behavioral task: behavioral1 (Sample: TextPad.exe; Resource: win7-20231023-en)
Behavioral task: behavioral2 (Sample: TextPad.exe; Resource: win10v2004-20231025-en)
General
Target: f006675e1c64df4d38edf7dad429b13e-sample.zip (the digests below are of the submitted archive, not of the unpacked TextPad.exe)
Size: 945KB
MD5: 6acea7a4c4ef836686be1ce632d1057c
SHA1: d3e2be8f1ac8db0ffeff95a37787919751c4f602
SHA256: 3c5cf8fd844dd742890ef9085deed7809b16bb8bc711d9af82dc9546c97b33fb
SHA512: d478182c25f141238fa805ec74e42cc4c3bf3dce2da8d97f8724c777491a833a55bea81b1ed889270509fd6d355e9399e16f6d535fb9994d59e53df15d8ec193
SSDEEP: 24576:ibAkV/FCY9bn4HYhJvq/TqcYe6l+EL5Evp5elrbE5:iZjbnCTqcoIq560u
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: unpack001/TextPad.exe
This is the only signature the sandbox raised. A missing embedded signature is a weak indicator on its own: many legitimate tools ship unsigned, and a check of the PE security directory does not see signatures carried in a Windows catalog rather than in the file itself.
Files
f006675e1c64df4d38edf7dad429b13e-sample.zip (.zip); password: infected
TextPad.exe (.exe) windows:4 windows x86 arch:x86; password: infected
MD5: a6d9a15b170696067fecc87a19b82e16
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no base relocations: the image can only load at its preferred base, so ASLR cannot rebase it)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ScrollWindowEx
SetWindowTextA
IsDlgButtonChecked
SendDlgItemMessageA
GetDlgItemTextA
CheckRadioButton
UnhookWindowsHookEx
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetClassLongA
LockWindowUpdate
GetDCEx
ValidateRect
CallWindowProcA
IntersectRect
DrawStateA
DrawFrameControl
EqualRect
UnionRect
LoadImageA
DestroyIcon
WindowFromPoint
SystemParametersInfoA
RegisterWindowMessageA
IsCharAlphaA
DrawTextA
LoadBitmapA
GetClassInfoA
GetDlgCtrlID
TileWindows
InvalidateRgn
IsCharAlphaNumericA
MoveWindow
AdjustWindowRectEx
GetClassNameA
SetDlgItemTextA
IsRectEmpty
GetActiveWindow
CreateWindowExA
MapDialogRect
FrameRect
ReleaseDC
GetDC
EnumChildWindows
GetSysColorBrush
CharToOemA
TrackPopupMenu
DestroyMenu
GetMessagePos
ReuseDDElParam
UnpackDDElParam
LoadMenuA
SetMenu
GetMenu
ChangeClipboardChain
GetSystemMenu
GetForegroundWindow
GetWindowTextA
AppendMenuA
RemoveMenu
CheckMenuItem
FlashWindow
MessageBeep
SendNotifyMessageA
SetClipboardViewer
RedrawWindow
OffsetRect
GetKeyboardState
ToAscii
GetKeyNameTextA
MapVirtualKeyA
GetSubMenu
TranslateAcceleratorA
GetMessageA
DestroyAcceleratorTable
CopyAcceleratorTableA
CreateAcceleratorTableA
GetDoubleClickTime
GetWindowTextLengthA
IsDialogMessageA
MessageBoxA
keybd_event
GetKeyboardLayout
InflateRect
SetMenuDefaultItem
IsWindowEnabled
SetCursor
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetActiveWindow
SetFocus
OemToCharA
GetMenuStringA
GetDesktopWindow
EnableMenuItem
wvsprintfA
DispatchMessageA
TranslateMessage
PeekMessageA
ScreenToClient
GetDlgItem
IsCharUpperA
CharLowerA
SetWindowPos
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetCursorPos
IsWindowVisible
GetCursorPos
GetSystemMetrics
GetSysColor
DrawFocusRect
GetDialogBaseUnits
CopyRect
GetWindowLongA
SetClipboardData
GetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatA
CharToOemBuffA
OemToCharBuffA
ReleaseCapture
SetCapture
SetTimer
GetWindowPlacement
SetWindowPlacement
UnregisterClassA
SetScrollInfo
GetScrollInfo
ShowScrollBar
GetScrollPos
GetScrollRange
SetScrollRange
ScrollWindow
MapWindowPoints
GetTopWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
ShowOwnedPopups
DestroyCursor
GetMenuItemInfoA
DrawIcon
SetWindowRgn
GetWindowThreadProcessId
SetCaretPos
ClientToScreen
KillTimer
SetRect
GetCaretPos
HideCaret
ShowCaret
DestroyCaret
CreateCaret
FillRect
PtInRect
GetAsyncKeyState
GetMessageTime
IsChild
GetFocus
GetClientRect
SetRectEmpty
IsWindow
ReplyMessage
InSendMessage
GetWindowRect
GetMenuState
InsertMenuA
GetMenuItemID
GetWindow
GetLastActivePopup
FindWindowA
WinHelpA
GetCapture
GetMenuItemCount
DeleteMenu
ModifyMenuA
LoadStringA
wsprintfA
ShowWindow
CharUpperA
IsCharLowerA
WaitMessage
PostThreadMessageA
SetWindowLongA
InvalidateRect
EnableWindow
GetParent
SetParent
CreateMenu
GetTabbedTextExtentA
BringWindowToTop
DrawIconEx
IsMenu
DrawEdge
SetMenuItemInfoA
GetMenuDefaultItem
GetKeyState
SetForegroundWindow
IsZoomed
IsIconic
SetScrollPos
PostMessageA
UpdateWindow
IsClipboardFormatAvailable
EmptyClipboard
SendMessageA
kernel32
_lwrite
_lopen
_lcreat
_lread
_llseek
_lclose
GetLocaleInfoW
IsBadCodePtr
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapSize
TerminateProcess
ExitProcess
CreateThread
ExitThread
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
VirtualQuery
VirtualAlloc
HeapReAlloc
HeapCompact
IsBadReadPtr
SetErrorMode
FindResourceExA
GetOEMCP
LocalFileTimeToFileTime
GetProfileIntA
GlobalFlags
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
GetTickCount
lstrcmpA
lstrlenA
lstrcpyA
CreateFileA
CreateFileMappingA
MapViewOfFile
CloseHandle
UnmapViewOfFile
SuspendThread
ResumeThread
GetLastError
GlobalAddAtomA
FreeLibrary
GetModuleFileNameA
GetLogicalDrives
GetShortPathNameA
CreateProcessA
GlobalLock
GlobalUnlock
GlobalHandle
GlobalFree
GlobalAlloc
MulDiv
MultiByteToWideChar
WaitForSingleObject
ReleaseMutex
CreateMutexA
FindFirstFileA
GetFullPathNameA
FindNextFileA
FindClose
lstrcmpiA
GetDriveTypeA
GetFileAttributesA
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
DeleteFileA
lstrcpynA
GetTempPathA
GetTempFileNameA
SetFileAttributesA
Sleep
GetFileSize
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetFileTime
SetFileTime
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetEvent
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
ResetEvent
FindFirstChangeNotificationA
FormatMessageA
LocalFree
SetCurrentDirectoryA
CreateDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileA
CopyFileA
GetVolumeInformationA
GetSystemTime
SystemTimeToFileTime
GetUserDefaultLCID
LoadLibraryA
GetCurrentThread
GetCurrentProcess
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetCurrentProcessId
CreateEventA
GetUserDefaultLangID
GetCPInfo
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalReAlloc
SetThreadLocale
EnumResourceLanguagesA
InterlockedIncrement
InterlockedDecrement
GetLocalTime
SetEnvironmentVariableA
GetTimeFormatA
GetDateFormatA
GetSystemInfo
FreeResource
CompareStringW
lstrlenW
GetStringTypeExA
CompareStringA
GetVersion
SetLastError
DuplicateHandle
GetExitCodeProcess
ReadFile
CreatePipe
SetThreadPriority
GetCurrentThreadId
GlobalSize
lstrcmpW
GlobalFindAtomA
ConvertDefaultLocale
VirtualProtect
RaiseException
WriteFile
LockFile
UnlockFile
LocalAlloc
TlsGetValue
gdi32
CreatePen
PatBlt
CreateHatchBrush
CreateSolidBrush
GetStockObject
CreateFontIndirectA
StretchBlt
GetRgnBox
SetPaletteEntries
Polygon
CreateHalftonePalette
GetDIBits
SetROP2
GetWindowOrgEx
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
StretchDIBits
LPtoDP
CreateEllipticRgn
Rectangle
GetViewportOrgEx
SetRectRgn
SelectPalette
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateDCA
CopyMetaFileA
ExtCreatePen
GetTextExtentPointA
GetPaletteEntries
CreateFontA
CreateDIBitmap
Ellipse
GetCurrentObject
ExtFloodFill
SetDIBitsToDevice
SetStretchBltMode
RealizePalette
CreatePalette
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
CreateICA
GetTextFaceA
EnumFontFamiliesExA
DeleteDC
ExtTextOutA
GetTextAlign
GetTextExtentPoint32A
EnumObjects
GetCharWidthA
GetTextCharset
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextColor
GetBkColor
PtInRegion
GetTextExtentExPointA
GetNearestColor
DeleteObject
GetTextMetricsA
SelectObject
RectInRegion
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
GetDeviceCaps
StartDocA
SetAbortProc
FillRgn
CreatePolygonRgn
GetObjectA
oleaut32
VariantClear
SysAllocStringLen
VariantInit
VariantChangeType
advapi32
RegCloseKey
RegDeleteKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
IsTextUnicode
GetFileSecurityA
SetFileSecurityA
RegQueryValueExA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegCreateKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegSetValueA
RegConnectRegistryA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
mpr
WNetGetUniversalNameA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 320KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 284KB - Virtual size: 281KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
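The three header facts this report rests on (the File Characteristics flags under Headers, the Unsigned PE signature, and the per-section protection flags under Sections) can all be read straight from the PE headers. The script below is an added example written for this page; it is not part of the sandbox tooling or of TextPad. It uses only the Python standard library and parses a constructed PE32 skeleton (build_test_pe) that mirrors the flags listed above, not the sample itself. It decodes the characteristics, reports whether the loader could rebase the image (it cannot when IMAGE_FILE_RELOCS_STRIPPED is set, so ASLR does not apply), whether an embedded Authenticode signature is present (data directory 4, the attribute certificate table, whose entry is a raw file offset rather than an RVA), and whether any section is both writable and executable, a packer tell that none of the four sections listed above shows.

```python
"""Header-level PE triage: file characteristics, embedded Authenticode, W+X sections.

Standard library only. The images parsed here are constructed by build_test_pe
(not the TextPad.exe sample); offsets follow the PE/COFF specification.
"""
import struct
from dataclasses import dataclass

# IMAGE_FILE_HEADER.Characteristics bits (winnt.h)
FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x2000: "IMAGE_FILE_DLL",
}
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # Attribute Certificate Table (Authenticode)


@dataclass
class PeSummary:
    characteristics: list   # decoded IMAGE_FILE_* names
    can_be_rebased: bool    # False when relocations were stripped (ASLR cannot move it)
    has_authenticode: bool  # security directory present and lying inside the file
    wx_sections: list       # section names that are both writable and executable


def summarize_pe(data: bytes) -> PeSummary:
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _machine, nsections, _ts, _psym, _nsym, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)

    # The security directory's "VirtualAddress" is a raw file offset, not an RVA.
    # A zero entry means no embedded signature; catalog signatures never appear here.
    has_sig = False
    if struct.unpack_from("<I", data, nrva_off)[0] > IMAGE_DIRECTORY_ENTRY_SECURITY:
        off, size = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
        has_sig = off != 0 and size != 0 and off + size <= len(data)

    wx = []
    sec_tbl = opt + opt_size  # section table follows the optional header
    for i in range(nsections):
        name, *_rest, sc = struct.unpack_from("<8sIIIIIIHHI", data, sec_tbl + 40 * i)
        if sc & IMAGE_SCN_MEM_EXECUTE and sc & IMAGE_SCN_MEM_WRITE:
            wx.append(name.rstrip(b"\0").decode("ascii", "replace"))

    flags = [n for bit, n in FILE_FLAGS.items() if chars & bit]
    return PeSummary(flags, not (chars & 0x0001), has_sig, wx)


def build_test_pe(characteristics: int, sections, sig_size: int = 0) -> bytes:
    """Constructed, non-loadable PE32 skeleton: just enough header to exercise summarize_pe."""
    e_lfanew, opt_size = 0x40, 224  # PE32 optional header incl. 16 data directories
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)  # NumberOfRvaAndSizes
    hdr_end = e_lfanew + 4 + 20 + opt_size + 40 * len(sections)
    if sig_size:  # point the security directory at the trailing (dummy) certificate bytes
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, hdr_end, sig_size)
    sec = b"".join(
        struct.pack("<8sIIIIIIHHI", name, 0x1000, 0x1000 * (i + 1), 0, 0, 0, 0, 0, 0, sc)
        for i, (name, sc) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sec + b"\0" * sig_size


# Constructed image carrying the same characteristics (0x010F) and section flags the report lists.
TEXTPAD_LIKE = build_test_pe(0x010F, [
    (b".text", 0x60000020), (b".rdata", 0x40000040),
    (b".data", 0xC0000040), (b".rsrc", 0x40000040)])

if __name__ == "__main__":
    print(summarize_pe(TEXTPAD_LIKE))
    print(summarize_pe(build_test_pe(0x0102, [(b"UPX0", 0xE0000080)], sig_size=512)))
```

Run against a real file with summarize_pe(open(path, "rb").read()); the bounds check on the security directory matters there, since a truncated download or a tampered directory entry can point past the end of the file and must not count as a signature.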