Malware-Database-main (1)[.]zip

Resubmissions

20-03-2024 23:00

240320-2y4btadd85 10

15-03-2024 20:34

240315-zcmqtscf84 10

Sharing

Copy URL

Twitter E-mail

General

Target

Malware-Database-main (1).zip
Size

96.5MB
MD5

51305dd56975d19b89383f89cd0c345d
SHA1

c5f19481cefa5f79e04a289e451bdc20f3dc164c
SHA256

cd76a354a02015517a2b50d75aa3b68dd0e3164adbb040f6317251016bc62b21
SHA512

cfd62d333665ca237668504a219a0b1a137ed1ddca18299feb371b53afcc0d681259865e0b643edb6f031b8cb9f036b41d82e60ec8359eb7e48a1887a4137b52
SSDEEP

1572864:EUUx1ZUzfiNuLKno6PwohFZPKbtr3aLS6I2Mzv7c6uNhGQvbz6Km7xWf5l:EU+1KzQu+wsvP2t8JFwjc6ERPgW/

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack008/1d801e2756c864d01cd456f68752a86c52981576839625759ae9e400f0d2a2cf.exe	pyinstaller

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack003/Empire of dicks.exe
unpack005/073731fa5a5ef41b39784ec7db9846f1286d7000add6c0b5dd20357c81e23456.exe
unpack006/172c26f8914c92702cdbe134bf65280a1381a91e869f7eac0e62f7527.exe
unpack008/1d801e2756c864d01cd456f68752a86c52981576839625759ae9e400f0d2a2cf.exe

Files

Malware-Database-main (1).zip
.zip
Malware-Database-main/Adware/Media-Player_160889.zip
.zip

Password: infected
Media-Player_160889.exe
.exe windows:5 windows x86 arch:x86

007862785f1768f33eed4b9c1db48fc4

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

10-02-2022 00:00

Not After

10-02-2023 23:59

Subject

CN=10sIT Oy,O=10sIT Oy,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

66:8f:82:35:3c:80:b9:ab:c8:71:e9:a5:a9:43:bc:85:29:d0:76:ea:8e:75:5d:25:e3:7f:87:6b:8b:98:5e:a3
Signer

Actual PE Digest

66:8f:82:35:3c:80:b9:ab:c8:71:e9:a5:a9:43:bc:85:29:d0:76:ea:8e:75:5d:25:e3:7f:87:6b:8b:98:5e:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextFaceW
GetRegionData
CreateRectRgn
SetTextColor
DeleteObject
SetWorldTransform
GetCharABCWidthsI
SetGraphicsMode
GetTextMetricsW
CreateCompatibleDC
CreateDIBSection
GetCharABCWidthsW
CreateBitmap
RemoveFontMemResourceEx
CreateFontIndirectW
GetStockObject
SelectObject
DeleteDC
GetCharABCWidthsFloatW
SetTextAlign
AddFontMemResourceEx
EnumFontFamiliesExW
GetObjectW
CreateDCW
OffsetRgn
GetDeviceCaps
SelectClipRgn
GetDIBits
GetTextExtentPoint32W
GetFontData
GdiFlush
SetBkMode
CreateCompatibleBitmap
GetOutlineTextMetricsW
ExtTextOutW
GetGlyphOutlineW
CombineRgn
RemoveFontResourceExW
AddFontResourceExW
BitBlt

oleaut32

SystemTimeToVariantTime
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

imm32

ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmGetDefaultIMEWnd
ImmSetCandidateWindow
ImmGetContext

winmm

PlaySoundW

kernel32

SetFileAttributesW
GetUserDefaultLangID
MapViewOfFile
SetFilePointerEx
CopyFileW
FindFirstFileExW
WriteConsoleW
FormatMessageW
MultiByteToWideChar
GetDateFormatW
DuplicateHandle
SetThreadPriority
GetDateFormatA
SleepEx
OutputDebugStringA
GetFileType
PeekNamedPipe
CompareStringW
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetStringTypeW
GetLocaleInfoW
GetThreadPriority
FreeEnvironmentStringsW
GetEnvironmentStringsW
lstrlenA
TerminateProcess
InterlockedIncrement
GetTimeFormatA
GetFileAttributesExW
WriteFile
Sleep
OpenProcess
TlsSetValue
FreeLibrary
GetDriveTypeW
GetCurrentDirectoryW
GetModuleFileNameA
GlobalUnlock
IsDebuggerPresent
GetModuleFileNameW
QueryPerformanceCounter
ReleaseMutex
UnhandledExceptionFilter
GetVersionExW
CheckRemoteDebuggerPresent
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsValidLocale
lstrcmpW
GetACP
LoadLibraryW
GetModuleHandleA
GetLongPathNameW
GetUserGeoID
GlobalLock
DeleteFileA
CreateSemaphoreW
MoveFileExW
GetFileAttributesW
GetCommandLineW
SetErrorMode
HeapFree
DeleteCriticalSection
VirtualQuery
GetProcessHeap
GetCurrentThreadId
LeaveCriticalSection
IsValidLanguageGroup
EncodePointer
GetCurrentThread
InterlockedDecrement
FindClose
GetFileSize
SetHandleCount
TlsFree
SetEvent
FindNextFileW
GetModuleHandleW
HeapCreate
GetCurrentProcessId
DecodePointer
CreateThread
GetTempPathW
FindFirstFileW
GetSystemDirectoryW
FileTimeToLocalFileTime
GetCurrencyFormatW
GetGeoInfoW
RtlUnwind
SetLastError
GlobalSize
GetSystemInfo
FileTimeToSystemTime
EnumSystemLocalesA
GetTickCount64
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
LCMapStringW
GetUserDefaultLCID
OpenFileMappingW
ExitProcess
GetConsoleCP
GetLogicalDrives
ExpandEnvironmentStringsW
WaitForSingleObject
LocalFree
SetEndOfFile
HeapAlloc
OutputDebugStringW
GetFileSizeEx
VirtualFree
GetProcAddress
SetEnvironmentVariableA
GetConsoleMode
GetStartupInfoW
DeleteFileW
IsValidCodePage
DeviceIoControl
WaitForMultipleObjects
IsProcessorFeaturePresent
GetTickCount
GetFileInformationByHandle
SetFilePointer
HeapReAlloc
QueryPerformanceFrequency
HeapSize
GetVolumeInformationW
CreateProcessW
GetCurrentProcess
GlobalAlloc
GetLastError
GetConsoleWindow
GetOEMCP
LoadLibraryA
SetUnhandledExceptionFilter
TlsAlloc
ExitThread
CreateFileA
VerSetConditionMask
GetUserDefaultUILanguage
EnterCriticalSection
CloseHandle
CreateFileW
ReleaseSemaphore
CreateMutexW
ResetEvent
CreateFileMappingW
WideCharToMultiByte
GetTimeFormatW
GetLocaleInfoA
ResumeThread
CreateEventW
GetSystemTimeAsFileTime
TerminateThread
GetCommandLineA
GetTimeZoneInformation
TlsGetValue
InterlockedExchange
GetLocalTime
FlushFileBuffers
GetEnvironmentVariableA
VerifyVersionInfoW
RaiseException
HeapSetInformation
ReadFile
SetStdHandle
GetStdHandle
UnmapViewOfFile
MoveFileW
InitializeCriticalSection

user32

TrackMouseEvent
InvalidateRect
CreateWindowExW
MessageBeep
GetWindowPlacement
SystemParametersInfoW
NotifyWinEvent
SetCursor
GetSysColor
GetWindowTextW
GetClassInfoW
ChangeClipboardChain
RegisterWindowMessageW
ScreenToClient
PeekMessageW
ReleaseDC
SetTimer
GetClipboardFormatNameW
EnumDisplayMonitors
GetUpdateRect
GetCursorInfo
DestroyIcon
IsIconic
GetKeyboardState
GetWindowLongW
PostMessageW
MoveWindow
SetWindowPos
SetClipboardViewer
GetDoubleClickTime
CharNextExA
GetFocus
GetSystemMenu
RegisterClassExW
SetWindowLongW
IsChild
GetCapture
GetAncestor
GetMonitorInfoW
GetSystemMetrics
EnumWindows
SetWindowsHookExW
SetCursorPos
GetParent
FlashWindowEx
ClientToScreen
ReleaseCapture
GetMenu
RealGetWindowClassW
CallNextHookEx
GetClientRect
IsWindowVisible
CreateIconIndirect
SetForegroundWindow
DestroyWindow
GetDC
EnableMenuItem
IsZoomed
MessageBoxW
SetFocus
CreateCursor
LoadImageW
GetForegroundWindow
GetIconInfo
EndPaint
DispatchMessageW
UnhookWindowsHookEx
SetWindowTextW
BeginPaint
AdjustWindowRectEx
GetSysColorBrush
TrackPopupMenuEx
HideCaret
GetAsyncKeyState
GetWindowRect
CreateCaret
TranslateMessage
MapVirtualKeyW
SetCaretPos
UnregisterClassW
GetQueueStatus
ToAscii
DrawIconEx
KillTimer
ToUnicode
SetMenuItemInfoW
LoadIconW
GetCursorPos
GetWindowThreadProcessId
SendMessageW
GetCaretBlinkTime
DestroyCursor
SetCapture
MsgWaitForMultipleObjectsEx
GetKeyState
GetKeyboardLayoutList
RegisterClassW
GetMessageExtraInfo
SetWindowRgn
ShowWindow
RegisterClipboardFormatW
SetParent
DestroyCaret
DefWindowProcW
ChildWindowFromPointEx
GetDesktopWindow

shell32

SHGetPathFromIDListW
SHGetFileInfoW
SHGetMalloc
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW

ole32

OleFlushClipboard
CoTaskMemAlloc
DoDragDrop
ReleaseStgMedium
OleIsCurrentClipboard
CoLockObjectExternal
RegisterDragDrop
CoTaskMemFree
OleSetClipboard
CoGetMalloc
CoCreateGuid
OleInitialize
CoInitialize
CoUninitialize
RevokeDragDrop
OleUninitialize
CoCreateInstance
OleGetClipboard

advapi32

RegQueryValueExW
CryptAcquireContextW
RegEnumValueW
CryptGetHashParam
CryptEncrypt
GetLengthSid
RegQueryInfoKeyW
CryptReleaseContext
RegSetValueExW
RegOpenKeyExW
CryptDestroyKey
FreeSid
RegCreateKeyExW
CryptHashData
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
CryptImportKey
CryptDestroyHash
CopySid
CryptGenRandom
GetTokenInformation
CryptCreateHash
RegDeleteKeyW
OpenProcessToken
RegFlushKey

ws2_32

htons
getsockopt
getpeername
socket
connect
WSASetLastError
WSAEnumNetworkEvents
bind
accept
listen
htonl
sendto
recvfrom
select
__WSAFDIsSet
ioctlsocket
gethostname
ntohs
getsockname
setsockopt
freeaddrinfo
recv
WSACloseEvent
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
getaddrinfo
WSACreateEvent
WSAStartup
WSACleanup
WSAGetLastError
send
closesocket
WSAAsyncSelect
WSAIoctl

crypt32

CertCloseStore
CertFindCertificateInStore
CertAddCertificateContextToStore
CertCreateCertificateChainEngine
CryptDecodeObjectEx
CertOpenStore
CertFindExtension
CertFreeCertificateChain
CertGetCertificateChain
CertEnumCertificatesInStore
CryptStringToBinaryW
CertFreeCertificateChainEngine
CertFreeCertificateContext
PFXImportCertStore
CryptQueryObject

wldap32

ord117
ord216
ord73
ord301
ord167
ord79
ord142
ord46
ord27
ord127
ord147
ord133
ord26
ord208
ord145
ord219
ord14
ord41

Exports

Exports

z_adler32
z_adler32_combine
z_adler32_combine64
z_compress
z_compress2
z_compressBound
z_crc32
z_crc32_combine
z_crc32_combine64
z_deflate
z_deflateBound
z_deflateCopy
z_deflateEnd
z_deflateInit2_
z_deflateInit_
z_deflateParams
z_deflatePrime
z_deflateReset
z_deflateSetDictionary
z_deflateSetHeader
z_deflateTune
z_get_crc_table
z_inflate
z_inflateCopy
z_inflateEnd
z_inflateGetHeader
z_inflateInit2_
z_inflateInit_
z_inflateMark
z_inflatePrime
z_inflateReset
z_inflateReset2
z_inflateSetDictionary
z_inflateSync
z_inflateSyncPoint
z_inflateUndermine
z_uncompress
z_zError
z_zlibCompileFlags
z_zlibVersion

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malware-Database-main/Bad Jokes/Empireofdicks.zip
.zip

Password: infected
Empire of dicks.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Dinaco\source\repos\Empire of dicks\Empire of dicks\obj\Release\Empire of dicks.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malware-Database-main/Bad Jokes/README.MD
Malware-Database-main/Others/02903faf446ed43d79a8509e7743b41eab9605cfb48261bb2105176c3d4a877b.zip
.zip

Password: infected
02903faf446ed43d79a8509e7743b41eab9605cfb48261bb2105176c3d4a877b.exe
.exe windows:5 windows x86 arch:x86

1b58743aa6d3922ef077981e7514edd8

Code Sign

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12-05-2022 20:46

Not After

11-05-2023 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:96:13:e4:88:3f:fc:19:f8:06:57:8b:72:28:52:0b:ee:58:cb:2f:41:df:84:09:f8:ef:87:dd:b1:7d:42:46
Signer

Actual PE Digest

33:96:13:e4:88:3f:fc:19:f8:06:57:8b:72:28:52:0b:ee:58:cb:2f:41:df:84:09:f8:ef:87:dd:b1:7d:42:46

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
InitializeCriticalSection
GetLocaleInfoA
GetModuleHandleA
HeapSize
GetProcAddress
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetDlgItemTextA
SendMessageA
GetCursorPos
TrackPopupMenu
ClientToScreen
DestroyMenu
CreatePopupMenu
AppendMenuA
SendDlgItemMessageA
GetDlgItem

gdi32

GetObjectW
SetDCPenColor

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Malware-Database-main/Others/073731fa5a5ef41b39784ec7db9846f1286d7000add6c0b5dd20357c81e23456.zip
.zip

Password: infected
073731fa5a5ef41b39784ec7db9846f1286d7000add6c0b5dd20357c81e23456.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malware-Database-main/Others/172c26f8914c92702cdbe134bf65280a1381a91e869f7eac0e62f7527.zip
.zip

Password: infected
172c26f8914c92702cdbe134bf65280a1381a91e869f7eac0e62f7527.exe
.exe windows:6 windows x86 arch:x86

161839a78ef6f07a30d3f07895f6fe23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
CheckRemoteDebuggerPresent
CreateFileW
GetProcAddress
LoadLibraryA
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

DestroyWindow
CharUpperBuffW

gdi32

GetObjectW

ole32

CoDecodeProxy
CoInitialize

Sections

.text
Size: - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.`<-
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GK'
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LuF
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Malware-Database-main/Others/1b59b0fa612e7c3d9ce272143058be6815b4ec563dfd7e1782657fe7c2f23812.zip
.zip

Password: infected
1b59b0fa612e7c3d9ce272143058be6815b4ec563dfd7e1782657fe7c2f23812.exe
.ps1
Malware-Database-main/Others/1d801e2756c864d01cd456f68752a86c52981576839625759ae9e400f0d2a2cf.zip
.zip

Password: infected
1d801e2756c864d01cd456f68752a86c52981576839625759ae9e400f0d2a2cf.exe
.exe windows:5 windows x64 arch:x64

0b5552dccd9d0a834cea55c0c8fc05be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
MessageBoxW
MessageBoxA
SystemParametersInfoW
DestroyIcon
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawTextW
GetDialogBaseUnits
EndDialog
DialogBoxIndirectParamW
MoveWindow
SendMessageW

comctl32

ord380

kernel32

GetStringTypeW
GetFileAttributesExW
HeapReAlloc
FlushFileBuffers
GetCurrentDirectoryW
IsValidCodePage
GetACP
GetModuleHandleW
MulDiv
GetLastError
SetDllDirectoryW
GetModuleFileNameW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
GetOEMCP
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize
WriteConsoleW
SetEnvironmentVariableW
RtlUnwindEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
SetEndOfFile
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW

advapi32

OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

gdi32

SelectObject
DeleteObject
CreateFontIndirectW

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
main.pyc
Malware-Database-main/Others/29756b65627cf2af64ed4398d51c2eafc2184b22489ea727358612779cb579a9.zip
.zip
Malware-Database-main/Others/3ca5fe2c37452143403ea2ba7f348195e5458df33235afa3a43eb065150d77fc.zip
.zip
Malware-Database-main/Others/96e3f394ea17a7ae098d53be6adf0aeb620aee68250f0a39013d9649c0b51e33.zip
.zip
Malware-Database-main/Others/README.MD
Malware-Database-main/Others/a8f7dd1e23bc41679830460c057b46be6865bbf9a50d0a9d90329b175e447c03.zip
.zip
Malware-Database-main/Others/cf0d6fa8a06e2be3c42889384d6dad29b5d3aa6e52bd96667e6e542b8a448b97.zip
.zip
Malware-Database-main/Others/ebaa306de0dfa35998acc21567bf515c328935af8a78404f526cddfc85837c89.zip
.zip
Malware-Database-main/Others/ebf8638b90bcca65e105dd7329ee516689bb5d6a9dc59a60139f88587c1ddac0.zip
.zip
Malware-Database-main/README.md
Malware-Database-main/Trojans/GLManager.zip
.zip
Malware-Database-main/Trojans/TLLauncherCracked-2024.zip
.zip

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

007862785f1768f33eed4b9c1db48fc4

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

66:8f:82:35:3c:80:b9:ab:c8:71:e9:a5:a9:43:bc:85:29:d0:76:ea:8e:75:5d:25:e3:7f:87:6b:8b:98:5e:a3Signer

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

oleaut32

imm32

winmm

kernel32

user32

shell32

ole32

advapi32

ws2_32

crypt32

wldap32

Exports

Exports

Sections

.text Size: 6.3MB - Virtual size: 6.3MB

.rdata Size: 2.5MB - Virtual size: 2.5MB

.data Size: 54KB - Virtual size: 73KB

.tls Size: 512B - Virtual size: 3B

.qtmetad Size: 2KB - Virtual size: 1KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 266KB - Virtual size: 265KB

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 12.4MB - Virtual size: 12.4MB

.rsrc Size: 270KB - Virtual size: 269KB

.reloc Size: 512B - Virtual size: 12B

Password: infected

1b58743aa6d3922ef077981e7514edd8

Code Sign

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:ccCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

33:96:13:e4:88:3f:fc:19:f8:06:57:8b:72:28:52:0b:ee:58:cb:2f:41:df:84:09:f8:ef:87:dd:b1:7d:42:46Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

94:9b:b8:d4:dd:2e:4e:21:68:2a:13:02:9f:3a:98:38
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

66:8f:82:35:3c:80:b9:ab:c8:71:e9:a5:a9:43:bc:85:29:d0:76:ea:8e:75:5d:25:e3:7f:87:6b:8b:98:5e:a3
Signer

.text
Size: 6.3MB - Virtual size: 6.3MB

.rdata
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 54KB - Virtual size: 73KB

.tls
Size: 512B - Virtual size: 3B

.qtmetad
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 266KB - Virtual size: 265KB

.text
Size: 12.4MB - Virtual size: 12.4MB

.rsrc
Size: 270KB - Virtual size: 269KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

33:96:13:e4:88:3f:fc:19:f8:06:57:8b:72:28:52:0b:ee:58:cb:2f:41:df:84:09:f8:ef:87:dd:b1:7d:42:46
Signer

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 372KB - Virtual size: 375KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 176KB - Virtual size: 176KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 94KB

.rdata
Size: - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.`<-
Size: - Virtual size: 4.3MB

.GK'
Size: 1024B - Virtual size: 896B

.LuF
Size: 6.6MB - Virtual size: 6.6MB

.rsrc
Size: 306KB - Virtual size: 305KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 64KB

.pdata
Size: 8KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 150KB - Virtual size: 150KB

.reloc
Size: 2KB - Virtual size: 1KB