ChessBase17Setup-X64-msi-485749 (1)[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

ChessBase17Setup-X64-msi-485749 (1).zip
Size

22.7MB
MD5

f1e862bf28c7aa562eeb7b60df133e50
SHA1

243bff9b23bb650b63e9a3c8aeaa58912f8fa93b
SHA256

e01e704a21eae5ffc45806b7543daf3714908dbb223bde6c794125b876704c4f
SHA512

bc5ada42109e7f6a5ed7f14949a0d713967cd97a8535340a85a4eba510e4ee8083a8f5bc317f39087af9729b6d7b4dd2904f5b184d1ee580ca2173eda058fb3f
SSDEEP

393216:TBCloyEswQgahWB0EunDr3AMhNwTGTXrASb2ttrNFVKN5I5wx9oE1YutFMUPuB7K:TAiyEbQLhYtunDTNi6rASb2ttrNFsAUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Install_01210.exe

Files

ChessBase17Setup-X64-msi-485749 (1).zip
.zip
Install_01210.exe
.exe windows:6 windows x86 arch:x86

b29b91a7ec90d68903236c0410551a82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
CreateEventW
GetFileInformationByHandle
GetStringTypeW
TlsSetValue
FormatMessageW
lstrcatA
LocalFree
GetDateFormatW
GetSystemTimeAsFileTime
CreateFileA
GetLogicalDriveStringsW
DeleteFileW
GetFileSizeEx
GetModuleFileNameW
ReleaseSemaphore
FindClose
GetEnvironmentStringsW
DeleteTimerQueueTimer
UnregisterWaitEx
TryEnterCriticalSection
FindNextFileW
GetConsoleCP
WriteConsoleW
EncodePointer
GetFullPathNameW
GetCurrentThread
InterlockedPushEntrySList
GetLogicalDriveStringsA
AreFileApisANSI
InitializeSListHead
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetSystemDirectoryW
GlobalAlloc
GetLastError
LoadLibraryExW
MoveFileA
GetModuleHandleExW
GetCurrentProcessId
RemoveDirectoryW
InitializeCriticalSectionEx
TlsFree
GlobalFree
GetFileAttributesA
IsValidCodePage
FormatMessageA
GetVersionExA
SetStdHandle
FindFirstFileA
QueryDepthSList
RemoveDirectoryA
GetCommandLineW
WaitForSingleObjectEx
GetCurrentThreadId
PeekNamedPipe
CreateSemaphoreA
WriteFile
TlsAlloc
SetUnhandledExceptionFilter
ChangeTimerQueueTimer
QueryPerformanceFrequency
lstrlenA
GetEnvironmentVariableA
HeapFree
GetStartupInfoW
GlobalLock
VerSetConditionMask
GetCurrentDirectoryW
LoadLibraryW
InterlockedFlushSList
GetUserDefaultLCID
SetEnvironmentVariableA
SetEndOfFile
GetACP
FreeEnvironmentStringsW
VirtualProtect
ExitProcess
SetPriorityClass
FindNextFileA
CompareFileTime
InitializeCriticalSection
GetTickCount64
FileTimeToSystemTime
SwitchToThread
InterlockedPopEntrySList
SetThreadAffinityMask
SetFileAttributesA
WideCharToMultiByte
GetOEMCP
CreateTimerQueueTimer
FindFirstFileExA
GetCurrentDirectoryA
UnhandledExceptionFilter
GetProcessHeap
GetFileSize
GetConsoleMode
GetNumaHighestNodeNumber
SetFilePointer
HeapAlloc
CreateTimerQueue
SetFileTime
GetVersionExW
WaitForSingleObject
GetSystemInfo
GetDriveTypeW
GetModuleHandleW
IsValidLocale
GetProcAddress
GetProcessAffinityMask
GlobalMemoryStatus
FreeLibrary
CreateEventA
GetVersion
SetFilePointerEx
MultiByteToWideChar
VirtualFree
RtlUnwind
SleepEx
VerifyVersionInfoW
ResetEvent
IsProcessorFeaturePresent
GetThreadTimes
CompareStringW
CreateThread
GetTickCount
CreateDirectoryW
SetLastError
GetLogicalProcessorInformation
TerminateProcess
GetStdHandle
GetLocaleInfoW
GetThreadPriority
CloseHandle
HeapSize
LeaveCriticalSection
RaiseException
CreateFileW
GetModuleFileNameA
QueryPerformanceCounter
FlushFileBuffers
LoadLibraryA
ExitThread
ReadConsoleW
MoveFileW
EnterCriticalSection
MoveFileExW
TlsGetValue
DuplicateHandle
ReleaseSRWLockExclusive
CreateDirectoryA
HeapReAlloc
DecodePointer
ReadFile
WaitForMultipleObjects
RegisterWaitForSingleObject
SetEvent
GlobalUnlock
GetFileAttributesExW
GetFileAttributesW
Sleep
EnumSystemLocalesW
GetModuleHandleA
AcquireSRWLockExclusive
FileTimeToLocalFileTime
SignalObjectAndWait
UnregisterWait
IsDebuggerPresent
DeleteFileA
SystemTimeToTzSpecificLocalTime
GetTimeFormatW
SetFileAttributesW
VirtualAlloc
GetCommandLineA
LCMapStringW
GetTimeZoneInformation
GetFileType
FindFirstFileW
FreeLibraryAndExitThread
DeleteCriticalSection
GetCPInfo

user32

MapDialogRect
CheckDlgButton
EnableWindow
SetFocus
EndDialog
GetWindowLongA
GetParent
IsDlgButtonChecked
SetClipboardData
GetMonitorInfoA
EmptyClipboard
CloseClipboard
GetKeyState
CharUpperA
wsprintfA
ShowWindow
SendMessageW
SetWindowTextW
MessageBoxW
GetWindowRect
DialogBoxParamA
LoadIconA
SetTimer
GetWindowTextLengthW
GetFocus
SetCursor
SetWindowLongA
SetWindowTextA
MonitorFromWindow
InvalidateRect
GetWindowTextA
OpenClipboard
SystemParametersInfoA
GetWindowTextW
GetWindowTextLengthA
CharUpperW
PostMessageA
LoadCursorA
LoadStringA
MoveWindow
MessageBoxA
SendMessageA
ScreenToClient
LoadStringW
DialogBoxParamW
GetDlgItem
KillTimer

advapi32

CryptDestroyHash
CryptAcquireContextW
CryptGetHashParam
CryptReleaseContext
CryptHashData
CryptEncrypt
CryptImportKey
CloseServiceHandle
CryptCreateHash
CryptDestroyKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetFileInfoA

ole32

CoUninitialize
OleInitialize
CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
VariantClear

bcrypt

BCryptGenRandom

crypt32

CertGetCertificateChain
CertFindCertificateInStore
CryptStringToBinaryW
PFXImportCertStore
CryptDecodeObjectEx
CertFreeCertificateChain
CertFindExtension
CertOpenStore
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertFreeCertificateContext
CryptQueryObject
CertCloseStore
CertAddCertificateContextToStore
CertGetNameStringW
CertEnumCertificatesInStore

wldap32

ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord145
ord219
ord46
ord14
ord216
ord73
ord208
ord41
ord117
ord26

ws2_32

WSAIoctl
WSACreateEvent
recvfrom
sendto
getpeername
ioctlsocket
gethostname
socket
getsockopt
send
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSAEventSelect
getaddrinfo
WSACloseEvent
WSAResetEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
htons
setsockopt
freeaddrinfo
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b29b91a7ec90d68903236c0410551a82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

bcrypt

crypt32

wldap32

ws2_32

Sections

.text Size: 6.3MB - Virtual size: 6.3MB

.rdata Size: 239KB - Virtual size: 238KB

.data Size: 9KB - Virtual size: 30KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 84KB - Virtual size: 83KB

.text
Size: 6.3MB - Virtual size: 6.3MB

.rdata
Size: 239KB - Virtual size: 238KB

.data
Size: 9KB - Virtual size: 30KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 84KB - Virtual size: 83KB