VisionExternalCrck[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

VisionExternalCrck.rar
Size

35.3MB
MD5

685a12ca2ae1a3df9637dd1e07fb879a
SHA1

c6ee0d168060cd1ef78601ff39945a6c0737c6da
SHA256

428af3a8f62e4582eb3a29364deea809baba4389ff00629c16285bf263f623c4
SHA512

2eaf76c8a067ce937d06dbd1ec749dc892c7c462979bc804f4a6c6eff0c0ab52688bab072c8903fcdbc8c50ade48fca6f184bc9904e8be8020c864b9eb8b4400
SSDEEP

786432:F09x36HJnGgR/7GR9YTe07N93ypGUg9x36HJnGgR/7GR9YTe07N93ypGR:F0nCnGgRzGRm9kPgnCnGgRzGRm9kS

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/VisionExternalCrck/PIO/Vision_External.exe
unpack002/PIO/Vision_External.exe

Files

VisionExternalCrck.rar
.rar
VisionExternalCrck/Credentials.txt
VisionExternalCrck/PIO/INSTRUCTIONS.txt
VisionExternalCrck/PIO/Vision_External.exe
.exe windows:6 windows x64 arch:x64

332e71e07863fb9b35328c628a1ef891

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHFileOperationW

kernel32

LeaveCriticalSection
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Z&?
Size: - Virtual size: 14.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~`_
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k95
Size: 16.9MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VisionExternalCrck/PIO/assets/background.png
.png
VisionExternalCrck/PIO/assets/icon.png
.png
VisionExternalCrck/PIO/assets/logo.png
.png
VisionExternalCrck/PIO/assets/profile.png
.png
VisionExternalCrck/PIO/fonts/Kontora-Black.otf
VisionExternalCrck/PIO/fonts/Kontora-SemiBold.otf
VisionExternalCrck/PIO/fonts/Kontotra-Medium.otf
VisionExternalCrck/PIO/home.html
.html
VisionExternalCrck/PIO/init.html
.html
VisionExternalCrck/PIO/js/login.js
.js
VisionExternalCrck/PIO/js/main.js
.js
VisionExternalCrck/PIO/styles/editor.css
VisionExternalCrck/PIO/styles/left.css
VisionExternalCrck/PIO/styles/login.css
VisionExternalCrck/PIO/styles/menu.css
VisionExternalCrck/PIO/styles/modal.css
VisionExternalCrck/PIO/styles/root.css
VisionExternalCrck/PIO/styles/top.css
VisionExternalCrck/PIO/workspace/nig.txt
VisionExternalCrck/VisionAuthBypass.bat
VisionExternalCrck/VisionKEYGen.bat
.bat .vbs
VisionExternalCrck/vision_iyk3bldyc.zip
.rar
PIO/INSTRUCTIONS.txt
PIO/Vision_External.exe
.exe windows:6 windows x64 arch:x64

332e71e07863fb9b35328c628a1ef891

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHFileOperationW

kernel32

LeaveCriticalSection
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Z&?
Size: - Virtual size: 14.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.~`_
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.k95
Size: 16.9MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PIO/assets/background.png
.png
PIO/assets/icon.png
.png
PIO/assets/logo.png
.png
PIO/assets/profile.png
.png
PIO/fonts/Kontora-Black.otf
PIO/fonts/Kontora-SemiBold.otf
PIO/fonts/Kontotra-Medium.otf
PIO/home.html
.html
PIO/init.html
.html
PIO/js/login.js
.js
PIO/js/main.js
.js
PIO/styles/editor.css
PIO/styles/left.css
PIO/styles/login.css
PIO/styles/menu.css
PIO/styles/modal.css
PIO/styles/root.css
PIO/styles/top.css
PIO/workspace/nig.txt
VisionExternalCrck/visionkeys.txt

Sharing

General

Malware Config

Signatures

Files

332e71e07863fb9b35328c628a1ef891

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

Sections

.text Size: - Virtual size: 125KB

.rdata Size: - Virtual size: 50KB

.data Size: - Virtual size: 67KB

.pdata Size: - Virtual size: 5KB

_RDATA Size: - Virtual size: 500B

.Z&? Size: - Virtual size: 14.3MB

.~`_ Size: 2KB - Virtual size: 2KB

.k95 Size: 16.9MB - Virtual size: 16.9MB

.reloc Size: 512B - Virtual size: 208B

.rsrc Size: 1KB - Virtual size: 1KB

332e71e07863fb9b35328c628a1ef891

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

user32

Sections

.text Size: - Virtual size: 125KB

.rdata Size: - Virtual size: 50KB

.data Size: - Virtual size: 67KB

.pdata Size: - Virtual size: 5KB

_RDATA Size: - Virtual size: 500B

.Z&? Size: - Virtual size: 14.3MB

.~`_ Size: 2KB - Virtual size: 2KB

.k95 Size: 16.9MB - Virtual size: 16.9MB

.reloc Size: 512B - Virtual size: 208B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 125KB

.rdata
Size: - Virtual size: 50KB

.data
Size: - Virtual size: 67KB

.pdata
Size: - Virtual size: 5KB

_RDATA
Size: - Virtual size: 500B

.Z&?
Size: - Virtual size: 14.3MB

.~`_
Size: 2KB - Virtual size: 2KB

.k95
Size: 16.9MB - Virtual size: 16.9MB

.reloc
Size: 512B - Virtual size: 208B

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 125KB

.rdata
Size: - Virtual size: 50KB

.data
Size: - Virtual size: 67KB

.pdata
Size: - Virtual size: 5KB

_RDATA
Size: - Virtual size: 500B

.Z&?
Size: - Virtual size: 14.3MB

.~`_
Size: 2KB - Virtual size: 2KB

.k95
Size: 16.9MB - Virtual size: 16.9MB

.reloc
Size: 512B - Virtual size: 208B

.rsrc
Size: 1KB - Virtual size: 1KB