File-House[.]Party[.]v1[.]3[.]1[.]12069e[.]Incl[.]ALL[.]DLC[.]Un-594260[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

File-House.Party.v1.3.1.12069e.Incl.ALL.DLC.Un-594260.zip
Size

18.0MB
MD5

23cb4c4481eab650b49e0ce7b4fab482
SHA1

8d7c8b32fc99e1c2573d69ba9764683d5c5b0575
SHA256

073bdd8f656a49325b31bf7ef1ed791060f9018bbe1158d0172e83c38472c036
SHA512

3beadf1090b760eff9ce1d9686a5b840e4d2bdd12ab27707d7a4dc4195ae1bee5c0da76f811e2b80c71dfcc5b7e8f8bf5f51148ef935cedb9ca427d21e29906a
SSDEEP

393216:U8PE2rzxGjXFtf086tI9NhCop58xeyxK7HvO6pwhRyVg1T2Uo:U8NGjHf08GIHhCC58AA6pwhjto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setupprogram_01234.exe

Files

File-House.Party.v1.3.1.12069e.Incl.ALL.DLC.Un-594260.zip
.zip

Password: idk
Setupprogram_01234.exe
.exe windows:4 windows x86 arch:x86

Password: idk

83acb1886ce1e9350ddd14f8291cbbfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
LoadLibraryA
Sleep
HeapReAlloc
CompareStringW
GetModuleFileNameA
HeapFree
WideCharToMultiByte
QueryPerformanceCounter
GetLocalTime
DeleteCriticalSection
SetEndOfFile
CreateThread
FlushFileBuffers
TerminateProcess
GetVersionExA
RtlUnwind
HeapDestroy
GetModuleHandleW
GetFileAttributesA
EnterCriticalSection
TlsSetValue
GetCurrentThreadId
GetProcessHeap
VirtualFree
SleepEx
InterlockedDecrement
MoveFileExA
HeapAlloc
CompareStringA
GetCommandLineA
WaitForMultipleObjects
GetEnvironmentStrings
SetFilePointer
CreateFileA
ReadFile
PeekNamedPipe
GetFullPathNameA
HeapCreate
GetCurrentProcessId
GetCurrentThread
GetVersion
GetStringTypeW
WriteFile
FileTimeToLocalFileTime
GetEnvironmentStringsW
CloseHandle
SetEnvironmentVariableA
MultiByteToWideChar
SetHandleCount
VirtualAlloc
GetDriveTypeA
LCMapStringW
FindFirstFileA
FileTimeToSystemTime
GetTickCount
GetCPInfo
FreeEnvironmentStringsA
ExitThread
GetSystemTime
FreeEnvironmentStringsW
GetTimeZoneInformation
TlsGetValue
GetFileType
InterlockedIncrement
ExitProcess
GetCurrentDirectoryA
SetLastError
GetProcAddress
InitializeCriticalSection
DeleteFileA
GetStartupInfoA
QueryPerformanceFrequency
LCMapStringA
GetFileInformationByHandle
GetFileSize
GetStartupInfoW
TlsAlloc
GetOEMCP
GetModuleHandleA
GetEnvironmentVariableA
GetStringTypeA
GetCommandLineW
GetACP
FindClose
GetSystemDirectoryA
FreeLibrary
LeaveCriticalSection
GetCurrentProcess
UnhandledExceptionFilter
WaitForSingleObject
GetLastError
MoveFileW
SetStdHandle
FormatMessageA
GetStdHandle
GetModuleFileNameW

user32

PostQuitMessage
SetWindowPos
GetMessageW
GetClientRect
ShowWindow
PostMessageW
DefWindowProcW
CreateWindowExW
GetSystemMetrics
LoadIconW
FillRect
SendMessageA
TranslateMessage
DispatchMessageW
EndPaint
GetWindowRect
RedrawWindow
MessageBoxA
UpdateWindow
BeginPaint
DrawTextW
RegisterClassExW

gdi32

SetBkMode
SetTextColor
DeleteObject
CreateSolidBrush

advapi32

CryptEncrypt
CryptGetHashParam
CryptAcquireContextA
CryptImportKey
CryptDestroyHash
CryptHashData
CloseServiceHandle
CryptDestroyKey
CryptCreateHash
CryptGenRandom
CryptReleaseContext

crypt32

CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateContext
CryptDecodeObjectEx
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CryptStringToBinaryA
CryptQueryObject
CertGetCertificateChain
CertFreeCertificateChain
CertCreateCertificateChainEngine
CertCloseStore
PFXImportCertStore
CertOpenStore

wldap32

ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord45
ord60
ord22
ord211
ord26
ord143
ord50
ord217

ws2_32

closesocket
send
WSAGetLastError
WSACleanup
WSAStartup
recv
ntohs
getsockname
getpeername
WSASetLastError
getsockopt
setsockopt
connect
WSAIoctl
bind
htons
socket
inet_ntoa
htonl
gethostbyname
inet_addr
getservbyname
gethostbyaddr
getservbyport
accept
sendto
recvfrom
select
__WSAFDIsSet
ioctlsocket
gethostname
ntohl
listen

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: idk

Password: idk

83acb1886ce1e9350ddd14f8291cbbfd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 204KB - Virtual size: 200KB

.data Size: 56KB - Virtual size: 75KB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 52KB - Virtual size: 49KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 204KB - Virtual size: 200KB

.data
Size: 56KB - Virtual size: 75KB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 52KB - Virtual size: 49KB