62bcdfe5ea12114cac2742ddadc484d6

Sharing

Copy URL Twitter E-mail

General

Target

62bcdfe5ea12114cac2742ddadc484d6
Size

389KB
MD5

62bcdfe5ea12114cac2742ddadc484d6
SHA1

1d184ac973eac0c433a28e10c21517f23863818e
SHA256

e9a9df8b8671a3e093c3adb6b59c81994f9bdea40e1fc1ed2fc638ecd4b97e2a
SHA512

b3c590fe500089d8ffc3438cc2b4b2659d1622e55c293bdfa0efdc9ef55a4e90969607f486a99508a09e2ad9c9bfd073313288e091e3881469f97777cb2f6cae
SSDEEP

6144:Ph3ftxs3/rFBeDHQZ+ZG+//B+NztUHQ3b0BiYuVGbV85yOC0daSapMMof3bZ3DgO:53f2rFE++ZGcHQwiVGbOsOC0dmp4T6ID

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Dj.Dll
unpack002/MultiMaker.exe

Files

62bcdfe5ea12114cac2742ddadc484d6
.zip
FILE_ID.DIZ
KEYGEN.ZIP
.zip
Dj.Dll
.dll windows:4 windows x86 arch:x86

83adfce0f9196af692dcf87ecd153108

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsW
RaiseException
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
CloseHandle
WriteFile
SetFilePointer
FlushFileBuffers
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
ReadFile
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
InterlockedExchange
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
GetCurrentDirectoryA
CreateFileA
SetEndOfFile

Exports

Exports

??0AsnDll@@QAE@XZ
??4AsnDll@@QAEAAV0@ABV0@@Z
?dllMain@AsnDll@@SAHPAXK0@Z
asnInst_InstallerProductInfo_constructor
asnInst_getAsnProductInfo_0100
asn_exit
asn_getVersion_0100
asn_info_0100
asn_init
asn_makeChecksum_0100
asn_makePrivateEx_0100
asn_makePrivate_0100
asn_verifyChecksum_0100

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiMaker.exe
.exe windows:4 windows x86 arch:x86

825d43c1cea6e91131683919bdb7bd83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

advapi32

RegCloseKey

comctl32

ImageList_Add

gdi32

BitBlt

user32

ActivateKeyboardLayout

oleaut32

SafeArrayCreate

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

pec1
Size: 237KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SCOTCH.NFO

Sharing

General

Malware Config

Signatures

Files

83adfce0f9196af692dcf87ecd153108

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 24KB - Virtual size: 28KB

.reloc Size: 16KB - Virtual size: 13KB

825d43c1cea6e91131683919bdb7bd83

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

user32

oleaut32

Exports

Exports

Sections

pec1 Size: 237KB - Virtual size: 568KB

.rsrc Size: 46KB - Virtual size: 76KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 24KB - Virtual size: 28KB

.reloc
Size: 16KB - Virtual size: 13KB

pec1
Size: 237KB - Virtual size: 568KB

.rsrc
Size: 46KB - Virtual size: 76KB

.rsrc
Size: 1KB - Virtual size: 4KB