6d37347fc5209f1d016511baaf330741252af5314cba2245f706d8c7a5e7cce1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

6d37347fc5209f1d016511baaf330741252af5314cba2245f706d8c7a5e7cce1.zip
Size

2.2MB
MD5

bd3f7205c1feb9b6052e571b54cec680
SHA1

8ae4e249dd57f7fcb17ba2a5ecfca25a3f2492a8
SHA256

6d37347fc5209f1d016511baaf330741252af5314cba2245f706d8c7a5e7cce1
SHA512

b124c80745c654d078934ffe57d3733615bc76ecdd559a86807f0aed6aea3f617154b021694632f9162df02000da5f8c29989bc6c069da092d3b8b6967c489b1
SSDEEP

49152:KMuaoo9ttPxPUsoEN+FfcUJSrgcMYjlN+ybaafNcgDmrw5+2HDT/rI42hXd5LdeO:KTHo9Gs2FUrW2RKc5+OTUzhXdNdaHfY3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/feeding_book_2024_60Hz_R00.exe

Files

6d37347fc5209f1d016511baaf330741252af5314cba2245f706d8c7a5e7cce1.zip
.zip
checksums.txt
feeding_book_2024_60Hz_R00.zip
.zip
feeding_book_2024_60Hz_R00.exe
.exe windows:6 windows x86 arch:x86

63eaaeb9ce9f9442196a9714d37b2a46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\OtherComp\D\D1Ex\Projects\src\xls2exe\RtmStarter\Win32\Release\RtmStarter.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wsock32

ntohl
select
gethostbyname
WSAStartup
socket
connect
ioctlsocket
recv
htons
htonl
send

gdiplus

GdiplusStartup
GdiplusShutdown
GdipFree
GdipGetImageBounds
GdipCloneImage
GdipLoadImageFromStream
GdipDrawImageRectI
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipAlloc

kernel32

HeapReAlloc
HeapSize
lstrlenW
Sleep
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RaiseException
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObject
MulDiv
DecodePointer
GetCommandLineW
GetLongPathNameW
GetModuleFileNameW
GetTempPathW
CreateMutexW
CreateEventW
GlobalFree
CloseHandle
CreateThread
GetProcAddress
LocalFree
GetCurrentProcessId
GetModuleHandleW
GlobalUnlock
SizeofResource
CreateFileW
GetFileAttributesW
LockResource
QueryPerformanceFrequency
LoadResource
FindResourceW
GetWindowsDirectoryW
FreeLibrary
QueryPerformanceCounter
LoadLibraryExW
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSectionEx
GlobalAlloc
GlobalLock
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
GetDateFormatW
GetVolumeInformationW
DeviceIoControl
GetVersionExW
LoadLibraryW
GlobalReAlloc
TlsGetValue
GetSystemTime
ReadFile
GetSystemDirectoryW
InterlockedPopEntrySList
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
GetStdHandle
ExitProcess
GetTimeZoneInformation
PeekNamedPipe
GetFileType
GetFileInformationByHandle
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RemoveDirectoryW
DeleteFileW
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
GetCommandLineA
TlsSetValue
RtlUnwind
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetSystemTimeAsFileTime
ReadConsoleW
SetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
WriteConsoleW
SetEndOfFile
TlsAlloc
InitializeSListHead
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
TlsFree
LCMapStringEx
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
GetStringTypeW
IsProcessorFeaturePresent

user32

GetWindowRect
MoveWindow
ScreenToClient
CreateWindowExW
GetClientRect
DefWindowProcW
SetWindowLongW
IsWindow
UpdateWindow
PeekMessageW
ShowWindow
SetWindowTextW
GetDC
SendMessageW
SetWindowPos
DispatchMessageW
EndDialog
ReleaseDC
MapWindowPoints
GetDialogBaseUnits
SetTimer
HideCaret
EndPaint
BeginPaint
GetDlgCtrlID
SetForegroundWindow
GetSystemMetrics
ClientToScreen
KillTimer
EnumWindows
GetClassNameW
GetWindowThreadProcessId
PostMessageW
GetActiveWindow
DestroyIcon
DialogBoxIndirectParamW
FindWindowW
PostThreadMessageW
DialogBoxParamW
CallWindowProcW
LoadCursorW
GetClassInfoExW
RegisterClassExW
RedrawWindow
GetParent
GetWindowDC
FillRect
GetMessageW
MessageBoxW
GetWindowTextW
SetFocus
CreateDialogParamW
UnregisterClassW
DestroyWindow
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
InvalidateRect

gdi32

SetBkColor
GetStockObject
SelectObject
CreateSolidBrush
CreateFontIndirectW
GetDeviceCaps
CreateFontW
GetTextExtentPoint32W
DeleteDC
DeleteObject

comdlg32

GetSaveFileNameW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
IsTextUnicode

shell32

DuplicateIcon
ShellExecuteExW
SHGetFolderPathW
ExtractIconExW

ole32

CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoInitialize

oleaut32

VariantCopy
VariantInit
VariantClear
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen
SysAllocString
CreateErrorInfo
VariantChangeType

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63eaaeb9ce9f9442196a9714d37b2a46

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

wsock32

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 103KB - Virtual size: 102KB

.data Size: 18KB - Virtual size: 157KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 103KB - Virtual size: 102KB

.data
Size: 18KB - Virtual size: 157KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 15KB - Virtual size: 15KB