CLBNODE942_2024-01-04_00_42_47[.]781[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

CLBNODE942_2024-01-04_00_42_47.781.zip
Size

214KB
MD5

da237c365272453300e57fcd08d21876
SHA1

9e9a1c545dc702977ffb5cc8af949eec3d5bf26a
SHA256

21db92b585bbe0cfec1fb3c3c63bee447f3f22852fa4c4909720cc0ad3e09281
SHA512

096e01783f452b1ac723036c45f5e8bc6171bd1eb8e1645f63d8ff33d0db1d57deb7abb9b53a999d108264a1b12f7b4e9f2b5ba8d9c96311a301155bc7d8a9bd
SSDEEP

6144:AfyB29HTENvOxvZaQEhYr7ZpXjIfYOmNKZcpGedoZNR+w:AfyBuThaQeGNliYtNfG9TV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume12/Departments/AThome/MaGrain/My Documents/MyFiles/Cat/Kitty.exe

Files

CLBNODE942_2024-01-04_00_42_47.781.zip
.zip

Password: P@tr1ot1!!!
Device/HarddiskVolume12/Departments/AThome/MaGrain/My Documents/MyFiles/Cat/Kitty.exe
.exe windows:4 windows x86 arch:x86

Password: P@tr1ot1!!!

72c63112e4e4f74bf3fbaf935205191c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
SetPriorityClass
CopyFileA
MultiByteToWideChar
GetTempFileNameA
GetTempPathA
DeleteFileA
FindResourceA
LoadResource
LockResource
FreeResource
GetTickCount
GlobalLock
GlobalUnlock
CreateDirectoryA
GetFileAttributesA
GetStartupInfoA
GetModuleFileNameA
OpenFileMappingA
CloseHandle
CreateFileMappingA
GetLastError
MapViewOfFile
UnmapViewOfFile
GlobalAlloc
LocalAlloc
LocalLock
LocalUnlock
LocalFree
SizeofResource
GlobalReAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
WinExec
GetCurrentProcess
FlushFileBuffers
CreateFileA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
WriteFile
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
GetFileType
GetStdHandle
SetStdHandle
LCMapStringA
SetFilePointer
ReadFile
SetHandleCount
GlobalFree
VirtualAlloc
VirtualFree
IsBadWritePtr
HeapDestroy
ExitProcess
HeapCreate
GetCommandLineA
GetModuleHandleA
GetVersion
HeapReAlloc
HeapAlloc
HeapFree
LCMapStringW
GetProcAddress
RtlUnwind
SetEndOfFile
LoadLibraryA

user32

GetClientRect
DialogBoxParamA
UnionRect
EqualRect
GetMessageA
EndDialog
MoveWindow
IntersectRect
GetWindowRect
GetCursorPos
SetRect
IsWindow
GetDC
ReleaseDC
InvalidateRect
DestroyCursor
SetTimer
KillTimer
MessageBoxA
GetDesktopWindow
LoadCursorA
SetCursor
PtInRect
GetAsyncKeyState
EndPaint
BeginPaint
CopyRect
SetDlgItemTextA
GetDlgItemTextA
GetTopWindow
GetWindow
GetClassNameA
SetWindowLongA
IsWindowVisible
GetWindowLongA
SendMessageA
GetUpdateRect
EnumWindows
LoadIconA
IsRectEmpty
UpdateWindow
TranslateMessage
DispatchMessageA
PostQuitMessage
SetClassWord
SetWindowTextA
SetForegroundWindow
TrackPopupMenu
DestroyMenu
LoadMenuA
GetSubMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
RegisterClassA
OffsetRect
CheckMenuItem
SystemParametersInfoA
PostMessageA
SetWindowPos
FindWindowA
SetRectEmpty

gdi32

RealizePalette
DeleteObject
GetObjectA
DeleteDC
SetBkColor
BitBlt
SetMapMode
GetMapMode
CreateCompatibleBitmap
CreateBitmap
GetPixel
SelectObject
CreateCompatibleDC
GetDeviceCaps
GetStockObject
SetBkMode
CreatePalette
CreateDIBitmap
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
SelectPalette

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoUninitialize
CoCreateInstance

winmm

mciSendCommandA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: P@tr1ot1!!!

Password: P@tr1ot1!!!

72c63112e4e4f74bf3fbaf935205191c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 16KB - Virtual size: 31KB

.rsrc Size: 184KB - Virtual size: 182KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 184KB - Virtual size: 182KB