652719b858a447fcf88ce75617fc3cd8

Sharing

Copy URL

Twitter E-mail

General

Target

652719b858a447fcf88ce75617fc3cd8
Size

85KB
MD5

652719b858a447fcf88ce75617fc3cd8
SHA1

9ce97cd7a83090f0c4c02b8a0748f6d29682d792
SHA256

57e4b13246920443d7a7a65a4ef7ca666a65559f2f75824f8687d83b1f5389fa
SHA512

7146df017c8b022b8666383cf52f5ac78f86307842e0b53c01590006ca405481c9fadfad23592319b9826a7e20a2223415b4ff48f3245014548d09a0643a5252
SSDEEP

1536:Qdq43+bs5LoNYgGMtahULlGLuYw7tabp7AMM9myP+IqzcUPskMcLlyZh:CYYoOMtah0ljYw7tabp7Abh5UPuulyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Irancell.exe

Files

652719b858a447fcf88ce75617fc3cd8
.rar
Irancell.exe
.exe windows:4 windows x86 arch:x86

19303466c711d905063d653dc4d28dc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
HeapFree
GetACP
HeapReAlloc
HeapSize
UnhandledExceptionFilter
RaiseException
HeapAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
ExitProcess
GetCommandLineA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
GlobalDeleteAtom
LCMapStringA
LCMapStringW
GetModuleHandleA
CloseHandle
lstrcmpA
lstrcpyA
GetCurrentThread
LocalFree
GetModuleFileNameA
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
MulDiv
SetLastError
InterlockedDecrement
LoadLibraryA
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
GetProcAddress
GlobalLock
WinExec
lstrlenA
lstrcatA
GlobalUnlock
GetProfileStringA
GlobalAlloc
LoadResource
FindResourceA
LockResource
GlobalFree

user32

MapWindowPoints
SendDlgItemMessageA
PeekMessageA
UpdateWindow
PostMessageA
IsDialogMessageA
SetWindowTextA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
wvsprintfA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetCursorPos
GetFocus
DispatchMessageA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
DestroyMenu
CharUpperA
GetClassNameA
PtInRect
GetSysColorBrush
GetTopWindow
MessageBoxA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
LoadStringA
GetDlgCtrlID
GetKeyState
AdjustWindowRectEx
SetFocus
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
TranslateAcceleratorA
wsprintfA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
DeleteMenu
SetTimer
LoadIconA
MessageBeep
GetDC
ReleaseDC
SetWindowLongA
GetParent
GetWindowRect
SetCursor
GetWindowLongA
SendMessageA
GetClientRect
CopyRect
FrameRect
InflateRect
FillRect
GetSysColor
OffsetRect
DrawStateA
DrawFocusRect
GetActiveWindow
GetCapture
SetCapture
ClientToScreen
WindowFromPoint
ReleaseCapture
InvalidateRect
GetIconInfo
RedrawWindow
LoadImageA
DestroyIcon
DestroyCursor
IsWindowVisible
ScreenToClient
CreateWindowExA
SetWindowsHookExA
GetWindowTextLengthA
GetWindowTextA
EnableWindow
LoadCursorA
CallNextHookEx
CallWindowProcA
DefWindowProcA
CharNextA
DefDlgProcA
ExcludeUpdateRgn
UnregisterClassA
HideCaret
IsWindowUnicode
ShowCaret

gdi32

SelectObject
CreateCompatibleDC
BitBlt
GetStockObject
CreateFontIndirectA
GetObjectA
GetTextExtentPoint32A
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
SaveDC
SetBkMode
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
GetDeviceCaps
CreatePen
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
RestoreDC
GetTextExtentPointA
CreateDIBitmap
CreateCompatibleBitmap

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19303466c711d905063d653dc4d28dc2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 60KB - Virtual size: 57KB