d3f847b27ee6cd4f85a3393131f85f28750761fd59dd2aac95d5a8fa235d46dd[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

d3f847b27ee6cd4f85a3393131f85f28750761fd59dd2aac95d5a8fa235d46dd.zip
Size

1.1MB
MD5

a92ac6a0b8fb16de822b1910582588bb
SHA1

787efcbac8217e1af9497ccdc272f148bcc16076
SHA256

2c812737084292bb64e7418a6c87a62130eda8efb2b08528a8289cb594bf9c99
SHA512

7122cd6ae37337abe8725ba85a80eddf2f99377b7073f7f5ebf584ba4005185e2a0a3eb09b3d8911d482e1c28040c78830275b02f3edcb5894985e277b6d58d9
SSDEEP

24576:NBEDeelynuwi+rpGdjBua9LNH93Cm5TMTOblBPjZpLq:NkHyLi+lGdjBuCxFCm2ibrPjZpu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d3f847b27ee6cd4f85a3393131f85f28750761fd59dd2aac95d5a8fa235d46dd.exe

Files

d3f847b27ee6cd4f85a3393131f85f28750761fd59dd2aac95d5a8fa235d46dd.zip
.zip

Password: infected
d3f847b27ee6cd4f85a3393131f85f28750761fd59dd2aac95d5a8fa235d46dd.exe
.dll regsvr32 windows:5 windows x64 arch:x64

f4799389331ab90e5d02136a52ba211c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

IsValidCodePage
FindNextFileA
FindFirstFileExA
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetStdHandle
GetCPInfo
GetModuleFileNameA
ExitProcess
QueryPerformanceFrequency
GetFileType
SetStdHandle
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
VirtualQuery
GetSystemInfo
GetCommandLineW
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetEnvironmentVariableA
GetTempFileNameW
Sleep
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
VirtualProtect
GlobalGetAtomNameW
GlobalFindAtomW
FreeResource
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GetSystemDirectoryW
EncodePointer
CopyFileW
MulDiv
GlobalSize
SetErrorMode
LocalReAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
CreateEventW
CloseHandle
CompareStringW
GetProcAddress
GetModuleHandleW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FormatMessageW
LocalFree
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
QueryActCtxW
FindActCtxSectionStringW
VirtualAlloc
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetCommandLineA
VirtualFree
WaitForSingleObject
CreateThread
GetACP

user32

IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IntersectRect
InflateRect
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
DestroyIcon
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
DrawIconEx
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
GetSystemMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetSystemMetrics
CharUpperW
FillRect
GetSysColor
ScreenToClient
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
BringWindowToTop
SetCursorPos
CopyIcon
UnregisterClassW
PostMessageW
PostQuitMessage
DispatchMessageW
PeekMessageW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
RealChildWindowFromPoint
GetWindow
GetClassNameW
PtInRect
ClientToScreen
GetWindowRect
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
DeleteMenu
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrW
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
DrawEdge
DrawFrameControl
SetForegroundWindow
WaitMessage
SetTimer
KillTimer
EnableWindow
SendMessageW
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
UnhookWindowsHookEx
GetDesktopWindow
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
TranslateMessage
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
UnpackDDElParam
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetClientRect
CopyImage
SystemParametersInfoW
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
IsZoomed
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
IsWindow

gdi32

ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
Escape
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
GetDeviceCaps
CreateDCW
CopyMetaFileW
CombineRgn
CreateBitmap

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHAppBarMessage

shlwapi

PathFindExtensionW
UrlUnescapeW
PathFindFileNameW
StrStrA
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetThemeColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

ole32

RevokeDragDrop
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoCreateGuid
CoUninitialize
OleLockRunning

oleaut32

VariantInit
VariantClear
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
VariantCopy
SysStringLen
VarBstrFromDate
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysFreeString
SysAllocString

ws2_32

WSAStartup
WSACleanup
WSASetLastError

wininet

InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 634KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f4799389331ab90e5d02136a52ba211c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

ws2_32

wininet

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 634KB - Virtual size: 633KB

.data Size: 28KB - Virtual size: 57KB

.pdata Size: 83KB - Virtual size: 83KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 59KB - Virtual size: 58KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 634KB - Virtual size: 633KB

.data
Size: 28KB - Virtual size: 57KB

.pdata
Size: 83KB - Virtual size: 83KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 59KB - Virtual size: 58KB