997daf6aaf17d365495212926532a494

Sharing

Copy URL

Twitter E-mail

General

Target

997daf6aaf17d365495212926532a494
Size

63KB
MD5

997daf6aaf17d365495212926532a494
SHA1

357ef5d6b015f36a083eb119aa60090cd4791a9c
SHA256

20fc8896f4b21e626e6994fe93df34197f6ee54efafcaa241d1a794f3e83cb62
SHA512

f367b27f75169e0657ab070d322878116b976197552c2907744dcb114a19f6a7ac1e88f9abe3739639721df57438135df010e190567e984de5256b262b8a64bf
SSDEEP

1536:WP6qVgLUfz/0tVWEfYkvCxodZhKCoDsBOJpu:wTVgLU7/KVnYeCxodPmpu

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2k3activator/Antiwpa-V3.4.6 for X64 and X86/AMD64/antiwpa.dll
unpack001/2k3activator/Antiwpa-V3.4.6 for X64 and X86/X86/antiwpa.dll
unpack001/2k3activator/Generic Antiwpa-2.3-WinXP-2k3/AntiWPA_Crypt.dll
unpack001/2k3activator/Generic Antiwpa-2.3-WinXP-2k3/WPA_Kill.exe

Files

997daf6aaf17d365495212926532a494
.7z
2k3activator/Antiwpa-V3.4.6 for X64 and X86/AMD64/antiwpa.dll
.dll regsvr32 windows:4 windows x64 arch:x64

7be7512539b15faa1d7be075a869faa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
IsBadReadPtr
CopyFileA
VirtualQuery
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA

user32

GetForegroundWindow
MessageBoxA
GetSystemMetrics

shlwapi

PathAddBackslashA
PathAppendA
PathRemoveFileSpecA
PathStripPathA

shell32

ShellExecuteA

ntdll

_vsnprintf
memset
_strcmpi
_stricmp

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 256B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 256B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 768B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2k3activator/Antiwpa-V3.4.6 for X64 and X86/AntiWPA3.cmd
2k3activator/Antiwpa-V3.4.6 for X64 and X86/IA64/antiwpa.dll
2k3activator/Antiwpa-V3.4.6 for X64 and X86/X86/antiwpa.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTickCount
GetSystemDirectoryA
FindFirstFileA
GetLastError
lstrcmpiA
GetModuleHandleA
FindClose
MoveFileA
GetModuleFileNameA
FindNextFileA
DeleteFileA
VirtualProtect
VirtualQuery
IsBadReadPtr
CopyFileA

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

user32

GetSystemMetrics
MessageBoxA
GetForegroundWindow

shlwapi

PathAddBackslashA
PathAppendA
PathStripPathA
PathRemoveFileSpecA

shell32

ShellExecuteA

ntdll

_vsnprintf
_strcmpi
_stricmp
memset

Exports

Exports

DllRegisterServer
DllUnregisterServer
onLogon

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 768B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2k3activator/Antiwpa-V3.4.6 for X64 and X86/readme.txt
2k3activator/Generic Antiwpa-2.3-WinXP-2k3/AntiWPA_Crypt.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DeCrypt
EnCrypt

Sections

.text
Size: 877B - Virtual size: 874B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
2k3activator/Generic Antiwpa-2.3-WinXP-2k3/WPA_Kill.exe
.exe windows:4 windows x86 arch:x86

e84573bfc4f9118acd2f76758caaeed9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord516
ord660
ord668
ord592
ord300
ord301
ord595
ord303
ord598
ord306
ord307
ord309
ord709
ord632
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord670
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord710
ord711
ord712
ord607
ord530
ord608
ord317
ord318
ord533
ProcCallEngine
ord537
ord646
ord647
ord648
ord573
ord681
ord576
ord578
ord685
ord100
ord579
ord616
ord617
ord619
ord580

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
2k3activator/Generic Antiwpa-2.3-WinXP-2k3/file.diz
2k3activator/Generic Antiwpa-2.3-WinXP-2k3/readme.txt

Sharing

General

Malware Config

Signatures

Files

7be7512539b15faa1d7be075a869faa8

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

shell32

ntdll

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.pdata Size: 256B - Virtual size: 120B

.CRT Size: 256B - Virtual size: 8B

.rsrc Size: 768B - Virtual size: 696B

.reloc Size: 256B - Virtual size: 42B

1f26eabaff531a1b45981ced728199a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

shlwapi

shell32

ntdll

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 768B - Virtual size: 696B

.reloc Size: 256B - Virtual size: 218B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 877B - Virtual size: 874B

.rdata Size: 89B - Virtual size: 86B

e84573bfc4f9118acd2f76758caaeed9

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 116KB - Virtual size: 112KB

.data Size: - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.pdata
Size: 256B - Virtual size: 120B

.CRT
Size: 256B - Virtual size: 8B

.rsrc
Size: 768B - Virtual size: 696B

.reloc
Size: 256B - Virtual size: 42B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 768B - Virtual size: 696B

.reloc
Size: 256B - Virtual size: 218B

.text
Size: 877B - Virtual size: 874B

.rdata
Size: 89B - Virtual size: 86B

.text
Size: 116KB - Virtual size: 112KB

.data
Size: - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB