64999f4b714acf89d317b4d7e1f7637c

Sharing

Copy URL Twitter E-mail

General

Target

64999f4b714acf89d317b4d7e1f7637c
Size

13.4MB
MD5

64999f4b714acf89d317b4d7e1f7637c
SHA1

73bc71110e764407798e35472562b0174e6582c9
SHA256

47003eb6f9ebaefda8cf3d618c0a13e4649452596461ddf2508bedce5c2ce59c
SHA512

d9ceae5d77ae327d3d7b5f36c5136dd0031f79634edf80413a2dde8344104ed3457c941da301e29d3da6ab7e26a9a48c40294fc305cb5798fb05987fc259dbc5
SSDEEP

393216:QM5mNdvlgSrNpBQ2IssESqGQ3EEZ/7BcLFtf:x5CPBQ2IpEHGQ3EEZTB8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/avewin32.dll
unpack001/avpack32.dll
unpack001/avrep.dll

Files

64999f4b714acf89d317b4d7e1f7637c
.zip
SETUP.FU0
antivir0.vdf
antivir1.vdf
antivir2.vdf
antivir3.vdf
avewin32.dll
.dll windows:4 windows x86 arch:x86

d6153d5d00555971ad3d37b9b1e1b008

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileA
FindFirstFileA
GetLastError
FileTimeToDosDateTime
FindClose
GetVersion
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
SetLastError
GetDriveTypeA
CreateFileA
CloseHandle
SetFilePointer
ReadFile
DeviceIoControl
WriteFile
GetStdHandle
HeapAlloc
HeapFree
MoveFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileType
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
MoveFileW
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
SetStdHandle
SetEndOfFile
SetHandleCount
GetStartupInfoA
GetFullPathNameW
GetCurrentDirectoryA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentDirectoryW
FlushFileBuffers
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetFullPathNameA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFileAttributesA
GetFileAttributesA
DeleteFileA
GetCurrentProcessId
RemoveDirectoryA
CreateDirectoryA

Exports

Exports

AveProc

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avpack32.dll
.dll windows:4 windows x86 arch:x86

e39d2b73009e171b638399921ced65ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

VirtualFree
GetFileAttributesA
SetFileAttributesA
GetTempPathA
FreeLibrary
LoadLibraryW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameW
DeleteCriticalSection
HeapAlloc
GetLastError
HeapFree
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
ExitProcess
HeapReAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
MoveFileA
CreateDirectoryW
DeleteFileW
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualAlloc
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameA
LoadLibraryA
HeapSize
CloseHandle
GetFullPathNameA
GetCurrentDirectoryA
RtlUnwind
ReadFile
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

ArchiveAddElementToUseList
ArchiveCloseW
ArchiveDoneSupportedList
ArchiveDoneUseList
ArchiveExtractByFilespec
ArchiveExtractFileW
ArchiveFindFirst
ArchiveFindNext
ArchiveGetErrorMessageW
ArchiveGetExpSize
ArchiveGetFileCount
ArchiveGetModuleVersionInfo
ArchiveGetSize
ArchiveGetTypeW
ArchiveGetVersionInfo
ArchiveInitSupportedList
ArchiveOpenW
ArchiveRegisterTypeW
ArchiveUnregisterType

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avrep.dll
.dll windows:4 windows x86 arch:x86

ed4ae06f516e42d554f12d5c2bd38909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileStringW
MoveFileW
CloseHandle
GetSystemDirectoryW
GetProcAddress
LoadLibraryA
GetWindowsDirectoryW
GetFileAttributesW
SetFileAttributesW
GetModuleFileNameW
lstrcatW
CompareStringA
CompareStringW
TerminateProcess
EnterCriticalSection
GetLastError
DeleteFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
HeapFree
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
SetEnvironmentVariableA
LeaveCriticalSection
ReadFile
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
SetUnhandledExceptionFilter
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
GetCPInfo
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
VirtualProtect
GetSystemInfo
VirtualQuery
SetFilePointer
InterlockedExchange
SetStdHandle
FlushFileBuffers
CreateFileW
InitializeCriticalSection
GetTimeZoneInformation
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadCodePtr
SetEndOfFile
HeapSize

advapi32

RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegEnumValueW

Exports

Exports

AfterRepair
BeforeRepair
InitRepair

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
װ˵.url
.url

Sharing

General

Malware Config

Signatures

Files

d6153d5d00555971ad3d37b9b1e1b008

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 64KB - Virtual size: 75KB

.data1 Size: 48KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 84KB - Virtual size: 80KB

e39d2b73009e171b638399921ced65ad

Headers

File Characteristics

Imports

version

kernel32

Exports

Exports

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 38KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 8KB

ed4ae06f516e42d554f12d5c2bd38909

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 52KB - Virtual size: 56KB

.rsrc Size: 4KB - Virtual size: 1000B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 64KB - Virtual size: 75KB

.data1
Size: 48KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 84KB - Virtual size: 80KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 38KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 52KB - Virtual size: 56KB

.rsrc
Size: 4KB - Virtual size: 1000B

.reloc
Size: 8KB - Virtual size: 6KB