DECRYPTOR_ALL_PC[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

DECRYPTOR_ALL_PC.zip
Size

24KB
MD5

ddad24500ab356df7f5648d414dc9e2a
SHA1

586e89bd4f8477f2cec11737bbb4e85990f5b491
SHA256

e75dfecf1cd2e59ba8d4c850ab5dbf6e5b20516487969a0cc7fbc1e567188ac4
SHA512

b92e6d8bd8f77887330103944fb0fed0953d561fb85491d9e2892d97a255d02133f58bf9624e4eb6c78640e15794983d202c5eb303aca93dab077640024b352b
SSDEEP

768:oSaS9F6VyKTMc5MxTW+sUDIuOWKUL8GCsRRVf:oAKT7ixTd7DIuyLw/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/LBB_Decryptor.exe

Files

DECRYPTOR_ALL_PC.zip
.zip
FAQ.txt
LBB_Decryptor.exe
.exe windows:5 windows x86 arch:x86

4585cfc85e0cd554d6b5d4bf1bb3d5e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
DialogBoxParamW
SetDlgItemInt
SetSysColors
SetTimer
SetWindowPos
SetWindowTextW
SystemParametersInfoW
EndDialog
SendMessageW
MessageBoxW
LoadIconW
KillTimer
GetDlgItem

kernel32

WriteFile
WriteConsoleW
WaitForSingleObject
WaitForMultipleObjects
Sleep
SetThreadPriority
SetFilePointerEx
CloseHandle
CreateFileW
CreateIoCompletionPort
CreateThread
DeleteFileW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushConsoleInputBuffer
GetCommandLineW
GetConsoleWindow
GetDriveTypeW
GetExitCodeThread
GetFileAttributesW
GetFileSize
GetFileSizeEx
GetLogicalDriveStringsW
GetModuleHandleW
GetProcAddress
GetQueuedCompletionStatus
GetStdHandle
GlobalFree
HeapSetInformation
InterlockedIncrement
IsBadReadPtr
MoveFileExW
PostQueuedCompletionStatus
ReadFile
ResumeThread
SetConsoleTextAttribute
SetConsoleTitleW
SetEndOfFile
SetFileAttributesW

comctl32

InitCommonControls

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW
SHChangeNotify
DragQueryFileW

msvcrt

wcslen
wcsrchr
_getch
_kbhit
_wcsicmp
memcpy
memmove
memset
swprintf
wcscat
wcscpy

advapi32

MD5Update
MD5Init
MD5Final
ConvertSidToStringSidW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW

ntdll

RtlDeleteCriticalSection
RtlDestroyHeap
RtlCreateHeap
RtlFreeHeap
RtlInitializeCriticalSection
RtlLeaveCriticalSection
RtlReAllocateHeap
NtClose
RtlAllocateHeap
RtlAdjustPrivilege
NtTerminateThread
NtSetInformationThread
NtSetInformationProcess
NtQuerySystemInformation
NtQueryInformationToken
NtOpenProcessToken
NtOpenProcess
NtDuplicateToken
RtlEnterCriticalSection

shlwapi

PathFindFileNameW
PathIsDirectoryEmptyW
PathFindExtensionW
PathFileExistsW
PathIsNetworkPathW
PathIsDirectoryW
PathRemoveFileSpecW
PathAppendW

mpr

WNetAddConnection2W
WNetGetUniversalNameW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4585cfc85e0cd554d6b5d4bf1bb3d5e4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

comctl32

shell32

msvcrt

advapi32

ntdll

shlwapi

mpr

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 1024B - Virtual size: 792B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 1024B - Virtual size: 792B