WinRAR-ZIP-Archiv (neu)[.]zip

Resubmissions

28-03-2024 15:06

240328-sgx9sshb9x 10

28-03-2024 14:55

240328-sar47sha3x 10

Sharing

Copy URL

Twitter E-mail

General

Target

WinRAR-ZIP-Archiv (neu).zip
Size

661KB
MD5

3fb9302a9bb732ead22e983216cf9ce2
SHA1

dde895a60d2e66a268ffca1e9c251cab6097a027
SHA256

c8b41de669363ff7fecae244b46fcc2455cf09c10fd783815094659f912ee326
SHA512

cabe19f842bda50b7d979f32217f3e95e6e0e2ac8b5827080939549e05931ee0a8cde9be7d41664a0be243b33dbddea1df0ccbebbf87004e801441a414f0ee39
SSDEEP

12288:dcjOSQr11lCeqDBLT1VFj/ofBWy0tVKmhxfQRcQ2qq0HKiDSfutT/a8PBN:uaSQJ1ll0V5ofx0tVKCxfQRcQ2EH2fuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/215c37360388d16653ffc1740c639d486753a9db69a8ad4f3e1b172b1b712df4.exe.old
unpack001/5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9.exe.old
unpack001/8d2f2ee24882afe11f50e3d6d9400e35fa66724b321cb9f5a246baf63cbc1788.exe.old
unpack001/d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.exe.old
unpack001/f8da280bb9f81028c14d1e156d6685cdb5f75219a60f645f72e520fb5e388712.exe.old

Files

WinRAR-ZIP-Archiv (neu).zip
.zip
215c37360388d16653ffc1740c639d486753a9db69a8ad4f3e1b172b1b712df4.exe.old
.exe windows:5 windows x86 arch:x86

db206e36db5c9492ce02c61a679129e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
DispatchMessageA
DrawTextA
EndPaint
TranslateMessage
GetMessageA
PostQuitMessage
ShowWindow
UpdateWindow
MoveWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
MessageBoxA
SendMessageA
LoadIconA
DestroyWindow
LoadCursorA
GetClientRect
GetWindowRect

kernel32

GetLastError
lstrcpyA
GetModuleHandleA
GetCommandLineA
DeleteFileA
CloseHandle
CreateFileA

gdi32

DeleteObject
CreateFontIndirectA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5e902a138174c34e5445685c82b2044e0b35565854471aaccef0315c77288dc9.exe.old
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
8d2f2ee24882afe11f50e3d6d9400e35fa66724b321cb9f5a246baf63cbc1788.exe.old
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.exe.old
.exe windows:5 windows x86 arch:x86

7e8ad4139efc6cbcf31df3bc4b291dd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
memcpy
memmove
_vsnprintf
_vsnwprintf
_purecall
memset

kernel32

LoadLibraryW
FreeLibrary
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
CreateMutexW
ReleaseMutex
FindResourceExW
LoadResource
SizeofResource
LockResource
CreateProcessW
SetFilePointerEx
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
GetDateFormatW
GetTimeFormatW
GetCurrentThreadId
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetEnvironmentVariableW
CopyFileExW
GetUserDefaultUILanguage
DeleteCriticalSection
FindClose
FindFirstFileW
DeleteFileW
GetFileTime
SetLastError
GetFileSizeEx
FlushFileBuffers
ReadFile
WriteFile
SetFileTime
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
SetFileAttributesW
CreateFileW
GetFileAttributesW
Sleep
GetTickCount
MoveFileExW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
WaitForMultipleObjects
ResetEvent
GetTempPathW
GetLogicalDrives
GetDriveTypeW
LocalFree
CloseHandle
CreateEventW
GetLastError
GetHandleInformation
SetThreadPriority
GetModuleFileNameW
GetCurrentThread
GetModuleHandleW
SetEvent
GetComputerNameW
WaitForSingleObject
SetErrorMode
GetCommandLineW
ExitProcess
CreateThread

user32

MessageBoxIndirectW
InSendMessage
ClientToScreen
GetWindowLongW
GetClassNameW
GetCaretPos
TrackPopupMenu
AppendMenuW
GetCursorPos
CreatePopupMenu
SetMenuDefaultItem
DestroyMenu
LoadIconW
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
SystemParametersInfoW
ScrollWindowEx
GetSystemMetrics
UpdateWindow
SetScrollInfo
MessageBoxW
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
GetParent
GetClientRect
IsDialogMessageW
DestroyWindow
BeginPaint
DrawFocusRect
IntersectRect
GetDlgItem
SendMessageW
GetDlgCtrlID
SetWindowTextW
MoveWindow
GetDC
ReleaseDC
CharLowerW
PostQuitMessage
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
DispatchMessageW
SetTimer
PostMessageW
SetFocus
RegisterClassExW
FlashWindowEx
InvalidateRect
GetWindowTextW
MonitorFromWindow
SetWindowPos
ShowWindow
GetForegroundWindow
AdjustWindowRectEx
IsWindowVisible
GetMonitorInfoW
DefWindowProcW
DialogBoxParamW
SetWindowLongW
EndDialog
CreateDialogParamW
MonitorFromPoint
UnregisterClassW
SetForegroundWindow
GetKeyState
ReplyMessage
GetScrollInfo
CreateWindowExW

advapi32

CryptAcquireContextW
RegSetValueExW
RegEnumKeyExW
RegFlushKey
CryptSetKeyParam
CryptGetKeyParam
CryptReleaseContext
CryptImportKey
CryptEncrypt
CryptGenKey
CryptDestroyKey
CryptDecrypt
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCreateKeyExW
RegCloseKey
CryptExportKey
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

uxtheme

SetWindowTheme

gdi32

GetDeviceCaps
CreateSolidBrush
GetObjectW
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
GetObjectA
CreateFontIndirectW

comctl32

InitCommonControlsEx
ord413
ord410

shlwapi

StrCmpW
StrCmpNW
StrCmpIW
PathMatchSpecW
PathRemoveBackslashW
PathAddBackslashW
ord12
PathFindFileNameW
PathRemoveFileSpecW
PathUnquoteSpacesW
StrChrW
PathQuoteSpacesW

msimg32

AlphaBlend

winhttp

WinHttpConnect
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpWriteData
WinHttpOpenRequest
WinHttpReadData
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpOpen

gdiplus

GdipAlloc
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusStartup
GdipDeleteBrush
GdipCreateBitmapFromStream
GdipCreateFontFromLogfontA
GdipSetStringFormatLineAlign
GdipDeleteFont
GdipDeleteGraphics
GdipDrawImageRectI
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdipFree
GdipCloneBrush

ole32

CoInitializeEx
CoUninitialize
CoTaskMemFree
StringFromGUID2

crypt32

CryptImportPublicKeyInfo
CryptStringToBinaryA
CryptDecodeObjectEx

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f8da280bb9f81028c14d1e156d6685cdb5f75219a60f645f72e520fb5e388712.exe.old
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ezz\source\repos\Mionoho\Mionoho\obj\Debug\Mionoho.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

db206e36db5c9492ce02c61a679129e2

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 10KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 202KB - Virtual size: 201KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 359KB - Virtual size: 359KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

7e8ad4139efc6cbcf31df3bc4b291dd8

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

uxtheme

gdi32

comctl32

shlwapi

msimg32

winhttp

gdiplus

ole32

crypt32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 248KB - Virtual size: 247KB

.reloc Size: 8KB - Virtual size: 7KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 10KB

.text
Size: 202KB - Virtual size: 201KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 359KB - Virtual size: 359KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 248KB - Virtual size: 247KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B