abkcaster[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

abkcaster.zip
Size

155KB
MD5

8d4a7490c06d85fb5e09a42530f5c589
SHA1

17a6ddf368ecf4897e16ee82f15f4f65a7d17452
SHA256

7b68dbb9f1c7a303da9bebe6a7b18665d0e23b4741fecb845cb61c8379221e09
SHA512

b66b38dd4146985cb1ab6e496e2e2a42224e4d65da25711b5ec03cb8013cf9e96acba46453308750f8169dc34b7b84f53b012963507b059a05dca593351cfe1f
SSDEEP

3072:v3JWaZ0VDorGFo13PJtShXDQ+xwuZhJlfbuy74tY7wqZtnSHTwqOw701TOpD:v5WI0Cy61fKnJJxbItJwBS0VY01T0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ABKCaster.exe

Files

abkcaster.zip
.zip
ABKCaster.exe
.exe windows:4 windows x86 arch:x86

0f7d63f5f8f4230158ecb1a3d6ce1a00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

dinput

DirectInputCreateA

winmm

PlaySoundA
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetTime

shlwapi

PathRemoveFileSpecA

kernel32

Beep
CloseHandle
ContinueDebugEvent
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
ExitThread
FlushInstructionCache
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTime
GetThreadContext
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetPriorityClass
SetThreadContext
SetThreadLocale
SetThreadPriority
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForDebugEvent
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteProcessMemory

wsock32

WSACleanup
WSAStartup
closesocket
gethostbyname
htonl
htons
ioctlsocket
inet_addr
ntohs
recvfrom
sendto
socket
bind

user32

EnumThreadWindows
EnumWindows
GetDesktopWindow
GetForegroundWindow
GetKeyState
GetWindowTextA
GetWindowThreadProcessId
LoadStringA
MessageBoxA
PostMessageA
RegisterWindowMessageA
SetWindowPos
SystemParametersInfoA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 238KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
config_caster.ini

Sharing

General

Malware Config

Signatures

Files

0f7d63f5f8f4230158ecb1a3d6ce1a00

Headers

File Characteristics

Imports

dinput

winmm

shlwapi

kernel32

wsock32

user32

Exports

Exports

Sections

.text Size: 238KB - Virtual size: 240KB

.data Size: 58KB - Virtual size: 76KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 10KB - Virtual size: 12KB

.text
Size: 238KB - Virtual size: 240KB

.data
Size: 58KB - Virtual size: 76KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 10KB - Virtual size: 12KB