[bbs[.]keter[.]pub]LauncherSU[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

[bbs.keter.pub]LauncherSU.zip
Size

3.0MB
MD5

24f10c2064f71d2e343ab086113b3f28
SHA1

c38dbcd9fc86c5ee5ab28afd5b0366bbdc93c3c6
SHA256

5952eb355dad5671028e9a2a8a718abd2ca20ebcf9bd2b395a7da2253828255e
SHA512

71e8e6d1809470f12e2a9db144604f312e87aa77889ae79a3adee6a3edc2a5c5c0f361fa3b2203d1c970b8f5287b64d78b267a35bc8b5178aa7bb8b2ce43cf83
SSDEEP

98304:3soPCo2EEGtHVlmvFC4+SEUvn3Kx3dBZjMkCACo:/PCo2ot1cvFCPUP3Kx3dB5MrAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/LauncherSU.exe

Files

[bbs.keter.pub]LauncherSU.zip
.zip
LauncherSU.exe
.exe windows:6 windows x86 arch:x86

6c4cbe5ac147f135d7744b6d63294f2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetCommandLineA

user32

TrackMouseEvent
LoadBitmapA

gdi32

CreateCompatibleDC
GetTextMetricsA

gdiplus

GdipDeletePen

ole32

CreateStreamOnHGlobal

imm32

ImmGetContext

shell32

ShellExecuteA
SHGetSpecialFolderPathA

shlwapi

PathFileExistsA

winmm

PlaySoundA
midiOutUnprepareHeader

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

closesocket

comdlg32

GetOpenFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.9MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bat_crack.bat

Sharing

General

Malware Config

Signatures

Files

6c4cbe5ac147f135d7744b6d63294f2c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

gdiplus

ole32

imm32

shell32

shlwapi

winmm

winspool.drv

advapi32

oleaut32

comctl32

ws2_32

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 1.9MB - Virtual size: 5.1MB

.vmp0 Size: 1.6MB - Virtual size: 1.6MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 19KB - Virtual size: 20KB

.vmp0 Size: 4KB - Virtual size: 4KB

.text
Size: 1.9MB - Virtual size: 5.1MB

.vmp0
Size: 1.6MB - Virtual size: 1.6MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 19KB - Virtual size: 20KB

.vmp0
Size: 4KB - Virtual size: 4KB