Actualizacion[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Actualizacion.exe
Size

10.3MB
MD5

37a4331576e1896a66acd643ef20a2f5
SHA1

f52387ae9f8ff89263d1929460d3350eb9dc9ceb
SHA256

1583465bde5729f425d2bd62cfb5942823e3e35ee6763dd259ac39a691e25fa8
SHA512

8705f28c4e6620e12dd7a5446a6b46cb85c49e1ede34159731a5ec2240d19852590bb047112720227132df5df88cc818609f5d4573729bce3d9125b82932b0b6
SSDEEP

196608:OauZGm47VwW4znFoTIC558pJjUxgIoXk8f:SG/7VD+FoUCeJjUGIoXLf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Actualizacion.exe

Files

Actualizacion.exe
.exe windows:4 windows x86 arch:x86

31ff23ecc754d4becef2d357ce73517d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\blacava.IRONLORE\My Documents\TitanQuestSiegePos\Project\Patcher\Release Standalone FWD\Patcher.pdb

Imports

kernel32

GetFileAttributesW
GetFileTime
GetStartupInfoW
ExitProcess
HeapFree
RtlUnwind
TerminateProcess
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFlags
InterlockedIncrement
lstrcmpiW
InterlockedDecrement
CreateEventW
SetEvent
SetThreadPriority
WritePrivateProfileStringW
GlobalAddAtomW
GlobalFindAtomW
lstrlenA
lstrcatW
GetVersionExA
GetLastError
SetLastError
GlobalFree
MulDiv
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
lstrlenW
GetCurrentThread
MultiByteToWideChar
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
WideCharToMultiByte
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GetModuleHandleW
FindResourceExW
SuspendThread
ResumeThread
Sleep
CreateMutexW
WaitForSingleObject
GetCommandLineW
GetCurrentThreadId
SetThreadLocale
FindResourceW
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
FindResourceA
LoadResource
LockResource
CreateFileA
WriteFile
CloseHandle
FreeResource
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
GetFileType

user32

CharUpperW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
DestroyMenu
GetSysColorBrush
ReleaseCapture
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMessageW
GetCursorPos
ValidateRect
SetCursor
SetWindowContextHelpId
MapDialogRect
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetDesktopWindow
PostThreadMessageW
RegisterClipboardFormatW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
CreateWindowExW
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
PostMessageW
PeekMessageW
TranslateMessage
DispatchMessageW
OemToCharA
GetSystemMetrics
EnableWindow
LoadIconW
GetClientRect
IsIconic
SendMessageW
DrawIcon
wsprintfW
SetWindowsHookExW
MessageBoxW
GetDlgItem
SetDlgItemTextW
UnhookWindowsHookEx
CallNextHookEx
SendDlgItemMessageW

gdi32

OffsetViewportOrgEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
SetViewportExtEx

comdlg32

GetFileTitleW
GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
GetFileSecurityW
SetFileSecurityW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
RegEnumKeyW

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder
CommandLineToArgvW
SHGetPathFromIDListW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
SysFreeString
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31ff23ecc754d4becef2d357ce73517d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 424KB - Virtual size: 423KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 424KB - Virtual size: 423KB