Resubmissions
22-02-2024 06:48
240222-hkr7vaec87 7
Static task
static1
General
Target
Install_0007.exe
Size
37.8MB
MD5
a1380be17a94c2cb7229e3add528b3d9
SHA1
16d18f8b1fb211dfd41ef226043ab333994a4a37
SHA256
f0bae6b32ddd8e022d52892a67665ea2899e4b71d78854a7325a521b51fb4e73
SHA512
02daa4e67e25f9311327396d0ed698549e018d8de5a97ef476a075c801ef167a2b8cc6d60f976eeaffe74443aad31dbce45a488b370f45fa6322dc05c1e5e334
SSDEEP
786432:Xu+4wJWyygsa+LY7woLStYM53w3VhWJpuM1Rt9K8LXmtsd79ZiSqQOcE4IP:e+jWpa+8kpY93VhWJpnKm5dZJMcQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Install_0007.exe
Files
Install_0007.exe.exe windows:6 windows x86 arch:x86
ace20a751910b10ef6c3150601349824
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
PathCombineW
kernel32
EnumSystemLocalesW
LCMapStringEx
InitializeCriticalSectionEx
SetFilePointer
CreateThread
FindFirstFileA
GetFileAttributesW
RaiseException
GetCPInfo
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
GetCurrentDirectoryA
CreateDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
GetSystemWow64DirectoryW
Sleep
GetConsoleMode
ExitProcess
DecodePointer
CreateDirectoryW
GetLastError
GetCommandLineA
InitializeSListHead
GetTickCount64
SetFileTime
TlsGetValue
GetFileInformationByHandle
SetLastError
SetEvent
GetCurrentDirectoryW
SetFileAttributesA
FindClose
HeapFree
LocalFree
GetCurrentProcess
CreateEventA
DeleteFileA
DeleteFileW
GetProcessHeap
GetEnvironmentStringsW
TlsFree
GetCommandLineW
RtlUnwind
LoadLibraryW
GetNativeSystemInfo
GetOEMCP
FreeEnvironmentStringsW
DeleteCriticalSection
VirtualProtect
GetSystemInfo
SetFileAttributesW
UnhandledExceptionFilter
GetCurrentProcessId
GetStringTypeW
AreFileApisANSI
FindFirstFileExW
VirtualFree
FindNextFileA
GetUserDefaultLCID
HeapSize
RemoveDirectoryA
FlushFileBuffers
FreeLibrary
GetTempPathA
GetProcessAffinityMask
GetACP
RemoveDirectoryW
FormatMessageA
GlobalMemoryStatus
FreeLibraryAndExitThread
SetStdHandle
MultiByteToWideChar
WriteConsoleW
GetFileSize
GetFileAttributesA
IsValidLocale
CreateFileA
VirtualAlloc
QueryPerformanceCounter
WideCharToMultiByte
GetConsoleOutputCP
EnterCriticalSection
GetVersionExA
SetUnhandledExceptionFilter
TlsAlloc
GetLocaleInfoW
SetEndOfFile
CloseHandle
LoadLibraryExW
ExitThread
GetProcAddress
lstrlenW
CreateSemaphoreA
WriteFile
GetStdHandle
FindFirstFileW
GetTempPathW
GetStartupInfoW
FormatMessageW
GetSystemDirectoryW
GetModuleHandleExW
GetTickCount
WaitForSingleObject
IsBadReadPtr
IsDebuggerPresent
GetModuleFileNameW
CreateFileW
InitializeCriticalSection
GetFileType
HeapReAlloc
IsProcessorFeaturePresent
LeaveCriticalSection
ReadFile
LoadLibraryA
GetModuleFileNameA
FindNextFileW
ReleaseSemaphore
EncodePointer
SetFilePointerEx
TlsSetValue
LCMapStringW
TerminateProcess
GetModuleHandleA
IsValidCodePage
ResetEvent
GetCurrentThreadId
lstrcatW
user32
LoadStringA
DialogBoxParamW
SendMessageA
PostMessageA
SetWindowTextW
DestroyWindow
CharUpperA
EndDialog
GetDlgItem
GetWindowLongA
LoadIconA
MessageBoxW
DialogBoxParamA
ShowWindow
CharUpperW
LoadStringW
SetWindowTextA
SetWindowLongA
KillTimer
SetTimer
shell32
SHGetSpecialFolderPathW
oleaut32
SysAllocStringLen
SysStringLen
VariantClear
advapi32
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
ole32
CoInitialize
CoCreateInstance
CoUninitialize
Sections
.text Size: 937KB - Virtual size: 937KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ