ST_Internal_Free[.]zip

Resubmissions

24/02/2024, 01:08

240224-bhds4sec7v 10

24/02/2024, 01:04

240224-be4v5ade45 10

24/02/2024, 00:48

240224-a5tbmsea9y 10

24/02/2024, 00:40

240224-a1lq1adb85 10

Sharing

Copy URL Twitter E-mail

General

Target

ST_Internal_Free.zip
Size

46.6MB
MD5

1bc2a7c47cb45b802df7d2c054257b58
SHA1

700e1e860b19197cfaf2df1088ad2526a98b05d3
SHA256

f5fb9a103dae4b133aaf3c64481d83f6679646079c094126836f88cc913f9070
SHA512

776a2186ffc5a0e344f0a60f71cb7fec055a86ca4b6e0065a32841c4150ce6279db954ee3e5520638f685807682d43ae292352065e39d80ba62b4e01f92394bb
SSDEEP

786432:inFtLcwUe4VrcB8H+AZXMUbZ5ixPlaGT3TvujWb2Lx+nlnzr1P:iFtAR7r8OxbOEMTvD6mlnzp

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ST_Internal_Free/ST_Internal_Loader(V10 - Other Servers).exe
unpack001/ST_Internal_Free/ST_Internal_Loader(V10).exe

Files

ST_Internal_Free.zip
.zip
ST_Internal_Free/README (STEPS).txt
ST_Internal_Free/ST_Internal_Loader(V10 - Other Servers).exe
.exe windows:6 windows x64 arch:x64

b44439dc7098fda4e750f91a79558c9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteProcessMemory
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

FindWindowA

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_set_app_type

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xor0
Size: - Virtual size: 16.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xor1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xor2
Size: 26.9MB - Virtual size: 26.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ST_Internal_Free/ST_Internal_Loader(V10).exe
.exe windows:6 windows x64 arch:x64

b44439dc7098fda4e750f91a79558c9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteProcessMemory
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

FindWindowA

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_set_app_type

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xor0
Size: - Virtual size: 16.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xor1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xor2
Size: 27.2MB - Virtual size: 27.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b44439dc7098fda4e750f91a79558c9d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 31KB

.rdata Size: - Virtual size: 10KB

.data Size: - Virtual size: 1KB

.pdata Size: - Virtual size: 1KB

.xor0 Size: - Virtual size: 16.1MB

.xor1 Size: 3KB - Virtual size: 2KB

.xor2 Size: 26.9MB - Virtual size: 26.9MB

.reloc Size: 512B - Virtual size: 280B

.rsrc Size: 15KB - Virtual size: 15KB

b44439dc7098fda4e750f91a79558c9d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 31KB

.rdata Size: - Virtual size: 10KB

.data Size: - Virtual size: 1KB

.pdata Size: - Virtual size: 1KB

.xor0 Size: - Virtual size: 16.4MB

.xor1 Size: 3KB - Virtual size: 2KB

.xor2 Size: 27.2MB - Virtual size: 27.2MB

.reloc Size: 512B - Virtual size: 280B

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: - Virtual size: 31KB

.rdata
Size: - Virtual size: 10KB

.data
Size: - Virtual size: 1KB

.pdata
Size: - Virtual size: 1KB

.xor0
Size: - Virtual size: 16.1MB

.xor1
Size: 3KB - Virtual size: 2KB

.xor2
Size: 26.9MB - Virtual size: 26.9MB

.reloc
Size: 512B - Virtual size: 280B

.rsrc
Size: 15KB - Virtual size: 15KB

.text
Size: - Virtual size: 31KB

.rdata
Size: - Virtual size: 10KB

.data
Size: - Virtual size: 1KB

.pdata
Size: - Virtual size: 1KB

.xor0
Size: - Virtual size: 16.4MB

.xor1
Size: 3KB - Virtual size: 2KB

.xor2
Size: 27.2MB - Virtual size: 27.2MB

.reloc
Size: 512B - Virtual size: 280B

.rsrc
Size: 15KB - Virtual size: 15KB