program[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

program.zip
Size

28.2MB
MD5

25115c281bfd04fe93140925d15e05f4
SHA1

133e1758e55f6366c9a1da3e233547512f4399c3
SHA256

d981b787e15b86ccaabb454f6bd644598d98febe58c80eb9f0bb222c5be1ee36
SHA512

6afedca10c07e30da3c96c799e2736f13361980ab5821821df8321c5c675e6d33d6c1d7c2af33ab366fc56e2b8738e4c5e55fa5caa1c9a76b9a06a22cb74129c
SSDEEP

786432:2/DY3o0lwxU6sj4fo5XQgsPjQUm9P1nOtU:2LzcwxU6m4IANx+Ph

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bin/app.exe
unpack001/start.exe

Files

program.zip
.zip
bin/app.exe
.exe windows:5 windows x86 arch:x86

93c6c421fee0148a7bfe63e14db75419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

FindNextFileW
SetCurrentDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GlobalAddAtomW
GlobalDeleteAtom
lstrlenW
GetCommandLineW
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
GetCurrentDirectoryW
GlobalFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
DecodePointer
GetFileType
GetProcessHeap
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
DeleteFileW
HeapSize
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
Sleep
ReleaseMutex
WaitForSingleObject
CreateMutexW
FindClose
FindFirstFileW
CloseHandle
SetFilePointerEx
SetFilePointer
WriteFile
GetLastError
ReadFile
CreateFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
RemoveDirectoryW
WriteConsoleW
GetVersionExW
GetLocaleInfoW
FreeLibrary
GetProcAddress
LoadLibraryExW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameA

user32

DrawEdge
DrawTextW
DestroyWindow
PostQuitMessage
SystemParametersInfoW
GetUpdateRect
DefMDIChildProcW
EndPaint
BeginPaint
InflateRect
GetClassNameW
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
GetTabbedTextExtentW
DialogBoxIndirectParamW
MapVirtualKeyW
GetInputState
DrawMenuBar
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetSysColor
GetDesktopWindow
GetSystemMenu
UpdateWindow
GetWindow
ModifyMenuW
GetMenuStringW
GetMenuItemID
SetDlgItemTextW
FillRect
RegisterClassW
RegisterClassExW
LoadImageW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
RedrawWindow
IsIconic
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
EnableMenuItem
GetMenu
PtInRect
PostMessageW
InvalidateRect
SetFocus
GetFocus
CallWindowProcW
RemovePropW
SetPropW
SetWindowLongW
GetPropW
MessageBoxW
GetParent
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetWindowDC
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
LoadStringW
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
ShowWindow
IsWindowVisible
GetClientRect
SetWindowTextW
wsprintfW
IntersectRect
KillTimer
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
DialogBoxParamW

gdi32

CreatePalette
SelectPalette
RealizePalette
EnumFontFamiliesExW
GetDeviceCaps
GetStockObject
SelectObject
GetTextExtentPointW
GetObjectW
DeleteObject
CreatePen
Rectangle
LineTo
CreateSolidBrush
SetTextColor
SetBkMode
CreateRectRgn
GetClipRgn
ExcludeClipRect
SelectClipRgn
SetDIBits
CreateCompatibleBitmap
CreateFontIndirectW
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragFinish
DragQueryFileW
ShellExecuteExW
DragAcceptFiles

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/data/fonts/VCREAS 3.0.ttf
bin/data/fonts/ffonts.net.htm
.html
bin/data/fonts/ffonts.net.txt
bin/data/sounds/Alert.wav
bin/data/sounds/Attention.wav
bin/data/sounds/Clear.wav
bin/data/sounds/new/Alert.wav
bin/data/sounds/new/Attention.wav
bin/data/sounds/new/Clear.wav
bin/data/sounds/old/Alert.wav
bin/data/sounds/old/Attention.wav
bin/data/sounds/old/Clear.wav
icon.ico
info.ini
start.exe
.exe windows:5 windows x86 arch:x86

f67c2d48a0d9fae633478c7ae08a5655

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

MultiByteToWideChar
WideCharToMultiByte
GlobalAddAtomW
GlobalDeleteAtom
lstrlenW
GetCommandLineW
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
GetCurrentDirectoryW
GlobalFree
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
DecodePointer
GetFileType
GetProcessHeap
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
FindNextFileW
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
DeleteFileW
HeapSize
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
CreateMutexW
GetModuleFileNameW
Sleep
SetCurrentDirectoryW
ReleaseMutex
WaitForSingleObject
FindClose
FindFirstFileW
CloseHandle
SetFilePointerEx
SetFilePointer
WriteFile
GetLastError
ReadFile
CreateFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
WriteConsoleW
RemoveDirectoryW
GetVersionExW
GetLocaleInfoW
FreeLibrary
GetProcAddress
LoadLibraryExW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameA

user32

DrawTextW
OffsetRect
DestroyWindow
PostQuitMessage
DrawEdge
GetUpdateRect
DefMDIChildProcW
EndPaint
BeginPaint
InflateRect
GetClassNameW
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
SetDlgItemTextW
GetTabbedTextExtentW
MapVirtualKeyW
GetInputState
DrawMenuBar
SetMenuInfo
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDesktopWindow
GetSystemMenu
UpdateWindow
GetWindow
RegisterClassW
RegisterClassExW
ModifyMenuW
GetMenuStringW
GetMenuItemID
DialogBoxParamW
FillRect
LoadImageW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
RedrawWindow
IsIconic
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
EnableMenuItem
GetMenu
PtInRect
PostMessageW
InvalidateRect
SetFocus
GetFocus
CallWindowProcW
RemovePropW
SetPropW
SetWindowLongW
GetPropW
MessageBoxW
GetParent
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetWindowDC
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
LoadStringW
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
ShowWindow
IsWindowVisible
GetClientRect
SetWindowTextW
wsprintfW
IntersectRect
KillTimer
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
SystemParametersInfoW
GetSysColor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
DialogBoxIndirectParamW

gdi32

CreatePalette
SelectPalette
RealizePalette
EnumFontFamiliesExW
GetStockObject
SelectObject
GetTextExtentPointW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
DeleteObject
CreatePen
Rectangle
LineTo
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateRectRgn
GetClipRgn
ExcludeClipRect
SelectClipRgn
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragFinish
DragQueryFileW
ShellExecuteExW
DragAcceptFiles

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93c6c421fee0148a7bfe63e14db75419

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 518KB - Virtual size: 518KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 289KB - Virtual size: 289KB

.reloc Size: 25KB - Virtual size: 24KB

f67c2d48a0d9fae633478c7ae08a5655

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 528KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 6KB - Virtual size: 9KB

.rsrc Size: 289KB - Virtual size: 289KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 518KB - Virtual size: 518KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 289KB - Virtual size: 289KB

.reloc
Size: 25KB - Virtual size: 24KB

.text
Size: 528KB - Virtual size: 528KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 6KB - Virtual size: 9KB

.rsrc
Size: 289KB - Virtual size: 289KB

.reloc
Size: 25KB - Virtual size: 25KB