14944d9b24105152952ea0fa51711059e7cbab8fad85637e1773484b1dd408e8[.]zip

Resubmissions

03/01/2024, 09:11

240103-k5tbraceam 10

03/01/2024, 07:27

240103-h94l6scccj 8

Sharing

Copy URL Twitter E-mail

General

Target

14944d9b24105152952ea0fa51711059e7cbab8fad85637e1773484b1dd408e8.zip
Size

128KB
MD5

748384763fadedf4188d48f7371b280d
SHA1

12d9e3b4afbe3539ca34d6749dccd48efb3dfa43
SHA256

7adc06662d5e32204134d15df2d0039a8a356475b11e26d7fd31e2b5a7b87574
SHA512

9c5de515095a4d6e1a12a46a8c8045d19b93383c94e7a285f422e91127a265e056bd03c735a51958d3d39ef08d8df1cb7a4aa91e9318a97d8dd7fd020ae80753
SSDEEP

3072:Io94IGAt4Ca/YAkFmcKIBN53M7co9O5RuSq:LLl6X/SscLF3ycQO5RG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/14944d9b24105152952ea0fa51711059e7cbab8fad85637e1773484b1dd408e8

Files

14944d9b24105152952ea0fa51711059e7cbab8fad85637e1773484b1dd408e8.zip
.zip

Password: threatbook
14944d9b24105152952ea0fa51711059e7cbab8fad85637e1773484b1dd408e8
.exe windows:4 windows x86 arch:x86

Password: threatbook

110d51eb9d13a17bdea3cf10f77b6682

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

LocalAlloc
Sleep
GetLastError
MapViewOfFile
CreateFileMappingA
WriteFile
SetEndOfFile
GetFileAttributesExA
SetFileAttributesA
CopyFileA
FindNextFileA
FindClose
FindFirstFileA
RemoveDirectoryA
CreateDirectoryA
MoveFileA
GetTempPathA
GetWindowsDirectoryA
GetLogicalDrives
GetFileAttributesA
SetThreadPriority
SetPriorityClass
GetCurrentThread
GetCurrentProcess
GetVersionExA
GetTempFileNameA
HeapFree
HeapAlloc
GetProcessHeap
CreateFileW
FindFirstFileW
MultiByteToWideChar
lstrlenA
GetDiskFreeSpaceA
GetUserDefaultLangID
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceA
LocalFree
lstrlenW
GlobalUnlock
GlobalLock
InterlockedIncrement
InterlockedDecrement
lstrcmpA
VirtualQueryEx
GetSystemInfo
RaiseException
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetConsoleCtrlHandler
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
WideCharToMultiByte
SetStdHandle
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetCommandLineA
GetStartupInfoA
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
HeapSize
GetEnvironmentVariableA
GetShortPathNameA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
UnmapViewOfFile
GetFileTime
SetFileTime
GetModuleHandleA
CreateThread
WaitForSingleObject
TerminateThread
VirtualProtectEx
WriteProcessMemory
TerminateProcess
DeviceIoControl
GetModuleFileNameA
SetCurrentDirectoryA
CreateFileA
FreeLibrary
GetVersion
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
CloseHandle
OpenProcess
ReadProcessMemory
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetLogicalDriveStringsA
GetDriveTypeA
GlobalAlloc

user32

SetWindowPos
IsWindow
BeginPaint
RedrawWindow
EndPaint
GetDC
GetDesktopWindow
IsChild
FillRect
GetClassNameA
SendMessageA
SetWindowTextA
GetParent
CreateAcceleratorTableA
DestroyWindow
CreateWindowExA
wsprintfA
ReleaseCapture
MessageBoxA
CharUpperA
GetActiveWindow
SetCapture
InvalidateRgn
ShowWindow
MapWindowPoints
SystemParametersInfoA
GetWindowRect
ReleaseDC
EndDialog
DialogBoxParamA
SendDlgItemMessageA
SetFocus
EnableWindow
GetDlgItem
GetFocus
EnableMenuItem
GetSystemMenu
GetWindowLongA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
RegisterClassExA
DialogBoxIndirectParamA
GetCursorPos
ScreenToClient
GetClientRect
PtInRect
SetTimer
InvalidateRect
WindowFromPoint
KillTimer
LoadCursorA
SetCursor
CallWindowProcA
GetDlgCtrlID
GetSysColorBrush
LoadIconA
SetWindowLongA
SetDlgItemTextA

gdi32

CreateCompatibleBitmap
DeleteObject
SetBkMode
GetStockObject
SetTextColor
CreateSolidBrush
CreateFontIndirectA
GetObjectA
GetDeviceCaps
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC

advapi32

OpenServiceA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
EnumServicesStatusA
QueryServiceStatus
ControlService
CloseServiceHandle
QueryServiceConfigA
OpenSCManagerA
DeleteService

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
OleLockRunning

oleaut32

VariantClear
SysStringLen
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
GetErrorInfo
SetErrorInfo
VariantChangeType
CreateErrorInfo
VariantInit
OleCreateFontIndirect

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

inet_ntoa
WSACleanup
gethostname
WSAStartup
gethostbyname

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: threatbook

Password: threatbook

110d51eb9d13a17bdea3cf10f77b6682

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

ws2_32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 32KB - Virtual size: 1.2MB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 32KB - Virtual size: 1.2MB

.rsrc
Size: 80KB - Virtual size: 77KB