Injected_LoadExe_Malware[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Injected_LoadExe_Malware.zip
Size

386KB
MD5

915dc668d03b446038477916ff183871
SHA1

3803f5967482679491908aca3e7486105c744936
SHA256

3244606c4d740afa7a0c8f5e89a99c9ed8940103213451e23c1d9af3c89e3f75
SHA512

f592d95d0e3cee01e006e1c3dd83455b32abf18d76d7689a5d2b508a8eb285191605c33da2391519ea24bf52c080c0d3a03c36b1974ea074ad1f1140d073e66b
SSDEEP

6144:veDOgAZ7Xq1XkTb5EP608f3ZkjGar0WPgSmdUnywP8vga5sl/b+Gsdf8JyKmkEJh:WDQZ4XkK60bG80CkqZl/aGCxVW1O1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Injected_LoadExe_Malware.bin

Files

Injected_LoadExe_Malware.zip
.zip

Password: asd123!@#
Injected_LoadExe_Malware.bin
.exe windows:5 windows x86 arch:x86

Password: asd123!@#

3c98c11017e670673be70ad841ea9c37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

SHAutoComplete

kernel32

DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetVersionExW
GetFullPathNameA
GetFullPathNameW
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcessId
SetFileAttributesW
GetNumberFormatW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetExitCodeProcess
GetTempPathW
MoveFileExW
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
SetEnvironmentVariableW
OpenFileMappingW
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
WideCharToMultiByte
CompareStringW
IsDBCSLeadByte
GetCPInfo
GlobalAlloc
SetCurrentDirectoryW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
ReadFile
GetCurrentDirectoryW
CreateFileW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
FlushFileBuffers
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
GetLocaleInfoW

user32

GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
IsWindow
CopyRect
DestroyWindow
DefWindowProcW
RegisterClassExW
LoadCursorW
UpdateWindow
CreateWindowExW
MapWindowPoints
GetParent
GetDlgItemTextW
TranslateMessage
DispatchMessageW
wvsprintfW
wvsprintfA
CharUpperA
CharToOemBuffA
LoadStringW
GetWindowRect
GetClientRect
SetWindowPos
GetWindowTextW
SetWindowTextW
GetSystemMetrics
GetWindow
GetWindowLongW
CharUpperW
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
SendDlgItemMessageW
DestroyIcon
EndDialog
SetFocus
SetDlgItemTextW
SendMessageW
GetDC
ReleaseDC
PeekMessageW
FindWindowExW
GetMessageW
SetWindowLongW

gdi32

GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
AdjustTokenPrivileges

shell32

SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance
OleInitialize

oleaut32

VariantInit

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: asd123!@#

Password: asd123!@#

3c98c11017e670673be70ad841ea9c37

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 93KB

.CRT Size: 512B - Virtual size: 32B

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 93KB

.CRT
Size: 512B - Virtual size: 32B

.rsrc
Size: 14KB - Virtual size: 13KB