Desktop[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Desktop.7z
Size

653.2MB
MD5

b115bd02857cd3c58f5022936ebc0620
SHA1

71e9822efa8cb409c4ff24e1ab73a5ab0f221b32
SHA256

5e9c225f523cc19abc36c4cdd5387fca79264c8cad649951a617a2b3201f7499
SHA512

b35a697789391d3b5600a18113ddf683f3c27cb552d3e78b5319e6f6bdeab9bbd5df84c787529e5075fdecf3803725fbf34d6490088b60490a2147bb267e5988
SSDEEP

12582912:vb4hK/ho2bR5j9v5HNTkECLk3NFabTCChKZZ1DVb7kV7Wjgnmiv2fUVq:N5gcrCk5pfkZWcnmivgUVq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SETUP.exe

Files

Desktop.7z
.7z
SETUP.bin
SETUP.exe
.exe windows:6 windows x86 arch:x86

f4df401e3b9e6899857f8058fbf3ad2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
GetTimeZoneInformation
GetConsoleMode
QueryPerformanceCounter
GetStdHandle
SetStdHandle
HeapQueryInformation
QueryPerformanceFrequency
GetCommandLineW
GetCommandLineA
GetFileType
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
OutputDebugStringW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
GetTickCount64
SetErrorMode
GetFileAttributesExW
GlobalGetAtomNameW
GlobalFlags
GetUserDefaultUILanguage
UnhandledExceptionFilter
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToTzSpecificLocalTime
lstrcmpiW
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
FlushFileBuffers
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
VerifyVersionInfoW
VerSetConditionMask
GlobalSize
lstrcpyW
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
SetThreadPriority
GetCurrentThreadId
GetFileTime
VirtualQuery
WideCharToMultiByte
CopyFileW
GetFileSize
LocalFree
SetFilePointerEx
GetProcAddress
GetCurrentDirectoryW
FileTimeToLocalFileTime
LoadLibraryW
GetSystemInfo
DeleteFileW
LoadLibraryA
FileTimeToSystemTime
Sleep
SetFileAttributesW
GetModuleHandleA
GetFileAttributesW
LocalAlloc
FindClose
SetEndOfFile
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
SetFileTime
TerminateProcess
VirtualAlloc
GetCurrentProcess
FindNextFileW
GetFullPathNameW
VirtualProtect
GetFileSizeEx
FindFirstFileW
ReadFile
CreateDirectoryW
MultiByteToWideChar
MulDiv
GlobalUnlock
GlobalLock
ResetEvent
GlobalFree
GlobalAlloc
SetEvent
CreateEventW
ResumeThread
WaitForSingleObject
GetModuleHandleW
FindResourceW
LoadResource
CreateThread
CloseHandle
LockResource
GetDiskFreeSpaceExW
FormatMessageW
GetLogicalDriveStringsW
CreateFileW
GetTempPathW
WriteFile
SizeofResource
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
CreateMutexW
LeaveCriticalSection
SetThreadUILanguage
SetThreadLocale
EnterCriticalSection
HeapFree
LCMapStringW

user32

CloseClipboard
OpenClipboard
IntersectRect
CharUpperW
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetLastActivePopup
EmptyClipboard
DestroyIcon
CopyImage
CopyAcceleratorTableW
MapDialogRect
UpdateLayeredWindow
UnregisterClassW
EnableWindow
GetWindowLongW
MessageBoxW
IsWindowEnabled
ShowOwnedPopups
PostQuitMessage
DrawIconEx
IsRectEmpty
OffsetRect
DrawFocusRect
GetSysColorBrush
MapWindowPoints
RedrawWindow
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
GetAsyncKeyState
SetCapture
ReleaseCapture
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
ValidateRect
GetKeyState
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
SetClipboardData
IsIconic
InvalidateRect
UpdateWindow
KillTimer
GetClientRect
LoadIconW
GetForegroundWindow
SetTimer
DrawIcon
SetWindowTextW
GetSystemMetrics
SendMessageW
MessageBoxExW
GetWindowRect
ReleaseDC
SetRect
GetSysColor
CopyRect
FillRect
GetDC
GetParent
SetCursor
LoadCursorW
DrawStateW
InflateRect
LoadImageW
SetForegroundWindow
GetClassNameW
LoadBitmapW
SetWindowRgn
PostMessageW
GetWindowTextW
GetWindowThreadProcessId
CreateAcceleratorTableW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
HideCaret
InvertRect
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
SendDlgItemMessageA
WaitMessage
RealChildWindowFromPoint
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW

gdi32

CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CopyMetaFileW
CreateDCW
CreateBitmap
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
EnumFontFamiliesW
GetTextCharsetInfo
SetBkColor
SetTextColor
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ExtTextOutW
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
PatBlt
GetTextColor
GetBkColor
Ellipse
CreateRectRgnIndirect
CreateHatchBrush
CreateEllipticRgn
CombineRgn
GetStockObject
CreateRoundRectRgn
CreateRectRgn
GetObjectW
GetTextExtentPoint32W
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteObject
CreateSolidBrush
GetDeviceCaps
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyW
RegSetValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder

comctl32

_TrackMouseEvent

shlwapi

PathFindFileNameW
PathIsUNCW
StrFormatKBSizeW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW

uxtheme

DrawThemeText
GetThemeSysColor
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemePartSize

ole32

CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
OleLoadPicture
SysFreeString
SysAllocStringByteLen
SysAllocString
SysStringLen

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipCloneImage
GdipAlloc
GdipDrawImageRectI
GdipDisposeImageAttributes
GdipDisposeImage
GdipCreateImageAttributes
GdipFree
GdipCreateFromHDC
GdipSetImageAttributesGamma
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipDrawImageRectRectI
GdipGetImageWidth
GdipDeleteGraphics
GdipGetImagePixelFormat

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW
mciSendStringW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
autorun.inf

Sharing

General

Malware Config

Signatures

Files

f4df401e3b9e6899857f8058fbf3ad2e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 326KB - Virtual size: 326KB

.data Size: 51KB - Virtual size: 68KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 142KB - Virtual size: 141KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 326KB - Virtual size: 326KB

.data
Size: 51KB - Virtual size: 68KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 142KB - Virtual size: 141KB