86068070471d3eb7f0430b11757c26f69c942a299548c99432bfac15f8f92d42

Sharing

Copy URL Twitter E-mail

General

Target

86068070471d3eb7f0430b11757c26f69c942a299548c99432bfac15f8f92d42
Size

135KB
MD5

15facb6505cf6228426199963e99df28
SHA1

8f47bb85c931d544317d148d32ebdab5303c523d
SHA256

86068070471d3eb7f0430b11757c26f69c942a299548c99432bfac15f8f92d42
SHA512

017631d4a4426eeec7df08ccc6648189b21e24fa9287ceb0ba7dfa89456444198003ca8068345d1dc829dc051768de8ec2ca1f7c292de83d4945c3a19e0774b1
SSDEEP

3072:XxmOqEqM5Grv7Tg1xsmj3+C+xbfeH78ALHp2fafrZb0e+GAf5F:XQ7Eq5TT1mjZbHNzp2foZ4xF

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Prijateli_7.12.22/Prijateli.exe
unpack001/Prijateli_7.12.22/zlib1.dll

Files

86068070471d3eb7f0430b11757c26f69c942a299548c99432bfac15f8f92d42
.zip
Prijateli_7.12.22/Prijateli.exe
.exe windows:4 windows x86 arch:x86

6f71be1877821f6c46536d5e301f394a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
WaitForSingleObject
SetPriorityClass
EscapeCommFunction
WriteFile
ReadFile
GetCommModemStatus
PurgeComm
SetCommTimeouts
SetCommState
GetCommState
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW
CreateProcessA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
WinExec
GlobalLock
GlobalUnlock
MultiByteToWideChar
WideCharToMultiByte
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
CreateThread
Sleep
CreateSemaphoreA
FreeLibrary
Beep
FindFirstFileA
FindNextFileA
CloseHandle
FindClose
GetModuleHandleA
CreateFileA
GetFileSize
GetEnvironmentStrings
SetEnvironmentVariableA

user32

FindWindowA
DefWindowProcA
CreateDialogParamA
OpenClipboard
GetClipboardData
EndPaint
SetWindowPos
LoadMenuA
GetSubMenu
GetWindowRect
BeginPaint
PostQuitMessage
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
CloseClipboard
DrawMenuBar
InvalidateRect
CheckMenuItem
GetMenu
MessageBoxA
GetSystemMetrics
CreateWindowExA
GetParent
SendMessageA
GetClientRect
UpdateWindow
SetScrollPos
SetScrollRange
GetWindowLongA
MoveWindow
DestroyWindow
KillTimer
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
SetWindowTextA
SetTimer
ReleaseDC
GetDC
GetWindowDC
GetDesktopWindow
ShowWindow
RegisterClassA
LoadCursorA
SetForegroundWindow
GetCursorPos
TrackPopupMenu
DestroyMenu
GetPriorityClipboardFormat
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
LoadIconA

gdi32

CreateFontA
CreateCompatibleBitmap
CreateCompatibleDC
Polygon
DeleteObject
CreateSolidBrush
CreatePen
PatBlt
BitBlt
SetBitmapBits
SetTextColor
GetTextMetricsA
SetPixel
SetBkMode
GetBitmapBits
TextOutA
GetStockObject
SelectObject

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA
ShellExecuteW
DragQueryFileA
DragFinish
DragAcceptFiles

winmm

waveOutReset
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
sndPlaySoundA
waveInClose
waveInReset
waveInUnprepareHeader
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveOutUnprepareHeader
waveOutClose
waveOutGetDevCapsA

ws2_32

WSAStartup
inet_ntoa
WSACleanup
closesocket
bind
setsockopt
htons
sendto
inet_addr
WSAGetLastError
recvfrom
socket

comctl32

ord17

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 67.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Prijateli_7.12.22/Users/1 .$$$
Prijateli_7.12.22/Users/2 .$$$
Prijateli_7.12.22/Users/3 .$$$
Prijateli_7.12.22/Users/4 .$$$
Prijateli_7.12.22/Users/5 .$$$
Prijateli_7.12.22/Users/6 .$$$
Prijateli_7.12.22/Users/7 .$$$
Prijateli_7.12.22/Users/8 .$$$
Prijateli_7.12.22/Users/9 .$$$
Prijateli_7.12.22/zlib1.dll
.dll windows:4 windows x86 arch:x86

2d3ee679b3fa7146dcc780f76415ad2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_errno
fclose
free
_vsnprintf
fflush
fseek
fputc
malloc
clearerr
fread
fprintf
_fdopen
fopen
sprintf
_initterm
_adjust_fdiv
ftell
fwrite

kernel32

DisableThreadLibraryCalls

Exports

Exports

adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f71be1877821f6c46536d5e301f394a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

winmm

ws2_32

comctl32

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 67.1MB

.rsrc Size: 68KB - Virtual size: 65KB

2d3ee679b3fa7146dcc780f76415ad2e

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 100B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 67.1MB

.rsrc
Size: 68KB - Virtual size: 65KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 100B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 1024B - Virtual size: 844B