Static task: static1
Behavioral task: behavioral1 (sample ainstgenformac.exe, resource win10v2004-20231130-en)
Behavioral task: behavioral2 (sample ainstgenformac.exe, resource win11-20231129-en)
General
- Target: ap-file-ainstgenformac.exe--1266942396.zip
- Size: 356KB
- MD5: 0e21a51add70a6601ad9f8bf1645be49
- SHA1: 6e61885b50c7be0ee5d811aa071c0d5c45ab30a6
- SHA256: bb5b61c18c9b431d332c21911794caa3c0b59b43239a80866b66a8f2d2ba82c5
- SHA512: c868736154ed6d6fcd0f5e9946406061357a2c2bb968027f569ad00eb85668ceb6a2f89ced446de7c9fea28a46a8718fcc82f10b5219fa78b06cfb0a5ddc30fd
- SSDEEP: 6144:cqhRjtgbDQm+Eb+2OqfUDIlZe9lL3Ss4TZ9JZCfn+FAzJ9bCPfB9Xr:Xgbkmtb+3qcUZmleJaPQAzJsh9Xr
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource unpack001/ainstgenformac.exe
Files
- ap-file-ainstgenformac.exe--1266942396.zip.zip
  Password: cautionhandlewithcare
- ainstgenformac.exe.exe windows:4 windows x86 arch:x86
  Password: cautionhandlewithcare
  9b88e73b0b976179a1851a2d29d498ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
- kernel32
GetProcessVersion
GlobalGetAtomNameW
GetStartupInfoW
ExitProcess
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
ExitThread
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
FatalAppExitA
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
WritePrivateProfileStringW
GetStringTypeA
GetStringTypeW
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
CreateFileMappingA
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
EnumResourceTypesW
EnumResourceNamesW
VirtualQuery
OutputDebugStringW
FormatMessageA
GetSystemDirectoryA
GetFileAttributesA
VirtualProtect
DeviceIoControl
OutputDebugStringA
GetComputerNameW
GetProfileStringA
GlobalAddAtomA
FindResourceA
ResetEvent
TerminateThread
WaitForMultipleObjects
GetExitCodeThread
ReleaseMutex
OpenFileMappingW
CreateMutexW
OpenMutexW
CreateSemaphoreW
ReleaseSemaphore
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
GlobalSize
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GlobalFree
FindResourceW
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalLock
GlobalUnlock
FormatMessageW
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
lstrcpyW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
DuplicateHandle
lstrcpynW
SetLastError
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetWindowsDirectoryW
CreateDirectoryW
CreateFileMappingW
MapViewOfFile
CreateProcessW
GetExitCodeProcess
UnmapViewOfFile
LoadLibraryExW
LoadLibraryExA
EnumResourceLanguagesW
FindResourceExW
FreeLibrary
SizeofResource
LoadResource
LockResource
LoadLibraryA
GetTickCount
GetWindowsDirectoryA
MoveFileW
SetFileAttributesW
lstrcmpW
RemoveDirectoryW
FindFirstFileA
FindNextFileA
FindClose
LoadLibraryW
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetSystemDirectoryW
GetModuleHandleA
CreateFileA
GetFileInformationByHandle
CloseHandle
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
GetModuleHandleW
GetProcAddress
GetSystemInfo
GetStdHandle
WriteConsoleW
GetSystemDefaultLangID
SetThreadLocale
GetModuleFileNameW
WaitForSingleObject
GetCurrentDirectoryW
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetLastError
CopyFileW
DeleteFileW
GetVersionExA
Sleep
- user32
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
wvsprintfW
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ShowWindow
ScrollWindowEx
IsDialogMessageW
SetWindowTextW
PeekMessageW
GetCursorPos
SetWindowsHookExW
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageW
GetLastActivePopup
IsWindowEnabled
GetWindowTextLengthW
LoadStringW
UnregisterClassW
MsgWaitForMultipleObjects
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
CharUpperW
EnumWindows
IsWindowVisible
GetParent
GetWindowLongW
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutW
DrawTextW
GrayStringW
InsertMenuW
GetMenuStringW
RemoveMenu
GetClassNameW
PtInRect
GetDesktopWindow
LoadCursorW
SetCapture
ReleaseCapture
WaitMessage
WindowFromPoint
DeleteMenu
DestroyIcon
PostThreadMessageW
RegisterClipboardFormatW
InflateRect
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
MoveWindow
CheckDlgButton
SetRect
CopyAcceleratorTableW
GetWindowTextW
GetWindowThreadProcessId
EnumDesktopWindows
OpenWindowStationW
SetProcessWindowStation
CloseWindowStation
GetUserObjectInformationW
CharNextW
GetDialogBaseUnits
GetMenuCheckMarkDimensions
GetSysColorBrush
OpenInputDesktop
OpenDesktopW
GetThreadDesktop
SetThreadDesktop
CloseDesktop
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuW
SendMessageW
LoadIconW
wsprintfW
EnableWindow
MessageBoxW
SetFocus
- gdi32
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
SetMapperFlags
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CopyMetaFileW
CreateDCW
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
GetTextColor
GetBkColor
DPtoLP
ArcTo
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocW
DeleteDC
GetObjectW
SetBkColor
LPtoDP
GetCurrentPositionEx
SetTextColor
GetClipBox
CreatePatternBrush
CreateBitmap
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
ExtTextOutA
GetDCOrgEx
- comdlg32
GetOpenFileNameW
GetFileTitleW
GetSaveFileNameW
- winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
- advapi32
RegConnectRegistryW
RegSetValueExA
RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceConfigW
RegOpenKeyW
GetUserNameW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegEnumValueW
LookupAccountNameW
SetSecurityDescriptorDacl
GetAce
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
RegQueryValueExA
- shell32
ExtractIconW
DragQueryFileW
DragAcceptFiles
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
DragFinish
- comctl32
ord17
- oledlg
OleUIBusyW
- ole32
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleRun
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoGetClassObject
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
CoTaskMemAlloc
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CoInitializeEx
- olepro32
ord253
- oleaut32
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayAllocData
LoadTypeLi
SysStringLen
SysReAllocStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayGetLBound
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysAllocString
VariantCopy
SafeArrayRedim
VariantClear
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
- setupapi
SetupInstallFileW
- mpr
WNetAddConnection2W
- version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
- rpcrt4
UuidToStringW
RpcStringFreeW
UuidCreate
- ws2_32
WSAStartup
gethostbyname
inet_addr
htonl
ntohl
inet_ntoa
Sections
- .text Size: 668KB - Virtual size: 667KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
- .rdata Size: 96KB - Virtual size: 94KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
- .data Size: 28KB - Virtual size: 49KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
- .rsrc Size: 28KB - Virtual size: 26KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
- ainstgenformac.exe.METADATA