BlumSoft [.]rar

Sharing

Copy URL Twitter E-mail

General

Target

BlumSoft .rar
Size

530KB
MD5

dc16ded12bf5d101e63fd0999db05ef9
SHA1

a54080ebc00f345b3c7c21d28fb62d6b70174093
SHA256

f3291775a29602f832e8f61dce52f720df155f4722e3eaee9d1a4acac81e440c
SHA512

46f3254bd0f4f3f15a3338f33ea22fa1cde2ae4a76dace51aca34fbb8b69b6973b5cb34607c9f51bf4c26f9fabb838898e976dab80d9bd226fdfa542b0ac6457
SSDEEP

12288:zjO1rKH2YIh5StwYGAAD1x+9vRfVU3hlBRoe9+Arcn:zMrKWkfGAU+9vLU3hNBDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/blum v2 .exe

Files

BlumSoft .rar
.rar
blum v2 .ahk
blum v2 .exe
.exe windows:6 windows x64 arch:x64

095f38dd86d11207273c6e48ee9443b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

WSAGetLastError
getservbyname
htonl
send
recv
inet_addr
WSAAsyncSelect
inet_ntoa
gethostbyname
WSASetLastError
ioctlsocket
htons
gethostbyaddr
getservbyport
ntohs
WSAStartup
gethostname
shutdown
WSACleanup
closesocket
connect
socket

winmm

joyGetPosEx
mciSendStringW
joyGetDevCapsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
CreateStatusWindowW

psapi

GetProcessImageFileNameW

wininet

InternetCloseHandle
InternetReadFileExA
InternetReadFile
InternetOpenW
InternetOpenUrlW

shlwapi

StrCmpLogicalW

uxtheme

EnableThemeDialogTexture
SetWindowTheme
IsAppThemed

dwmapi

DwmGetWindowAttribute

kernel32

GlobalFree
GlobalUnlock
WideCharToMultiByte
GetCPInfo
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetEnvironmentVariableW
IsValidCodePage
LoadLibraryW
GetLastError
OutputDebugStringW
lstrcmpiW
GetStringTypeExW
CreateThread
SetThreadPriority
GetExitCodeThread
CloseHandle
CreateMutexW
VirtualProtect
SetLastError
GetModuleHandleW
GetDiskFreeSpaceExW
GetDriveTypeW
CreateFileW
DeviceIoControl
SetVolumeLabelW
GetVolumeInformationW
GetDiskFreeSpaceW
SetEnvironmentVariableW
MultiByteToWideChar
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
ReadFile
DeleteFileW
LoadResource
LockResource
WriteFile
SizeofResource
SetCurrentDirectoryW
CompareStringOrdinal
CopyFileW
SetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SetFileTime
GetFileSizeEx
MoveFileW
GlobalLock
OpenProcess
TerminateProcess
SetPriorityClass
GetProcessId
QueryDosDeviceW
EnterCriticalSection
LeaveCriticalSection
Beep
GetLocalTime
GetDateFormatW
GetTimeFormatW
GetDateFormatEx
GetTickCount64
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameW
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
GetTempPathW
WaitForSingleObject
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameW
SetDllDirectoryW
GetModuleHandleExW
GetShortPathNameW
CreateProcessW
FormatMessageW
CompareStringW
RemoveDirectoryW
GetCurrentProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
WritePrivateProfileSectionW
SetEndOfFile
GetACP
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
IsWow64Process
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesW
LoadLibraryExW
GlobalSize
FindResourceW
SetErrorMode
Sleep
GetTickCount
MulDiv
RtlUnwindEx
RtlPcToFileHeader
RaiseException
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCommandLineA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCommandLineW
ExitProcess
HeapSize
HeapReAlloc
HeapQueryInformation
HeapFree
HeapAlloc
GetProcessHeap
FindFirstFileExW
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GlobalAlloc
SetStdHandle
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
GetCurrentProcessId
InitializeSListHead

user32

SetWindowPos
EnumWindows
IsZoomed
IsIconic
GetLayeredWindowAttributes
SetLayeredWindowAttributes
DestroyWindow
RegisterClassExW
SystemParametersInfoW
CreateWindowExW
GetMenu
EnableMenuItem
LoadAcceleratorsW
AddClipboardFormatListener
RemoveClipboardFormatListener
LoadImageW
PostQuitMessage
CheckMenuItem
RegisterWindowMessageW
DefWindowProcW
SetForegroundWindow
MonitorFromPoint
GetSystemMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuStringW
ExitWindowsEx
GetPropW
GetClassLongW
SetMenu
SetPropW
RemovePropW
GetSysColor
RedrawWindow
DrawTextW
SetParent
GetClassInfoExW
AdjustWindowRectEx
GetAncestor
UpdateWindow
FlashWindow
GetMessagePos
GetSysColorBrush
FillRect
GetClassLongPtrW
CallWindowProcW
CheckRadioButton
IntersectRect
GetUpdateRect
PtInRect
CreateDialogIndirectParamW
CreateAcceleratorTableW
DestroyAcceleratorTable
InsertMenuItemW
RemoveMenu
SetMenuItemInfoW
GetMenuItemInfoW
SetMenuDefaultItem
CreateMenu
CreatePopupMenu
SetMenuInfo
DestroyMenu
TrackPopupMenuEx
CopyImage
CreateIconIndirect
CreateIconFromResourceEx
DrawIconEx
EnumClipboardFormats
GetWindow
BringWindowToTop
GetQueueStatus
GetLastActivePopup
GetShellWindow
MapVirtualKeyW
VkKeyScanExW
SetWindowRgn
GetKeyboardLayoutNameW
ActivateKeyboardLayout
GetGUIThreadInfo
GetWindowTextW
mouse_event
WindowFromPoint
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
SendMessageTimeoutW
CharUpperW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
IsCharAlphaNumericW
IsCharUpperW
IsCharLowerW
ToUnicodeEx
GetKeyboardLayout
CharLowerW
ReleaseDC
GetDC
DialogBoxParamW
ScrollWindow
GetSystemMetrics
GetWindowRect
GetWindowLongPtrW
SetFocus
DefDlgProcW
MoveWindow
MapWindowPoints
GetClientRect
EnableWindow
MapDialogRect
GetDlgItem
SetWindowLongPtrW
SetWindowTextW
MessageBoxW
OpenClipboard
GetClipboardData
GetClipboardFormatNameW
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageW
FindWindowW
IsChild
IsWindowVisible
SetActiveWindow
EnumChildWindows
GetLastInputInfo
LoadCursorW
GetCursorInfo
ClientToScreen
MessageBeep
GetIconInfo
GetWindowTextLengthW
InvalidateRect
AdjustWindowRect
SetDlgItemTextW
SendDlgItemMessageW
IsCharAlphaW
EndDialog
IsWindow
DispatchMessageW
TranslateMessage
ShowWindow
IsClipboardFormatAvailable
CountClipboardFormats
SetWindowLongW
ScreenToClient
GetMonitorInfoW
IsDialogMessageW
SendMessageW
IsWindowEnabled
GetWindowLongW
GetKeyState
TranslateAcceleratorW
KillTimer
PeekMessageW
GetFocus
GetClassNameW
GetWindowThreadProcessId
GetForegroundWindow
GetMessageW
SetTimer
GetParent
GetDlgCtrlID
EnumDisplayMonitors
DestroyIcon
MapVirtualKeyExW
BlockInput
CallNextHookEx

gdi32

GdiFlush
CreateDIBSection
EnumFontFamiliesExW
SetBrushOrgEx
GetObjectW
CreatePatternBrush
GetClipBox
SetBkMode
SetBkColor
GetDeviceCaps
CreateCompatibleDC
CreateFontIndirectW
GetStockObject
CreateSolidBrush
GetCharABCWidthsW
GetTextMetricsW
GetPixel
GetDIBits
SelectObject
CreateDCW
CreateFontW
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteObject
BitBlt
CreateCompatibleBitmap
DeleteDC
GetSystemPaletteEntries
SetTextColor

advapi32

UnlockServiceDatabase
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteValueW
GetUserNameW
RegConnectRegistryW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
CreateProcessWithLogonW
OpenSCManagerW
LockServiceDatabase
CloseServiceHandle
RegDeleteKeyExW

shell32

SHBrowseForFolderW
DragFinish
SHGetKnownFolderPath
ExtractIconW
DragQueryPoint
SHEmptyRecycleBinW
SHFileOperationW
SHGetPathFromIDListW
DragQueryFileW
SHGetDesktopFolder
SHGetMalloc
SHCreateItemFromParsingName
ShellExecuteExW
SHGetFolderPathW
Shell_NotifyIconW

ole32

CoCreateInstance
CoTaskMemFree
CLSIDFromString
OleInitialize
OleFlushClipboard
OleUninitialize
CoInitialize
CoUninitialize
CLSIDFromProgID
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayDestroy
SysFreeString
GetActiveObject
SysStringLen
SafeArrayCreate
OleLoadPicture
VariantChangeType
SysAllocString
SafeArrayCopy
SysAllocStringLen
VariantCopyInd
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SafeArrayGetDim
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayUnlock
SafeArrayAccessData

Sections

.text
Size: 904KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095f38dd86d11207273c6e48ee9443b3

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

wininet

shlwapi

uxtheme

dwmapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 904KB - Virtual size: 904KB

.rdata Size: 240KB - Virtual size: 240KB

.data Size: 34KB - Virtual size: 52KB

.pdata Size: 32KB - Virtual size: 31KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 904KB - Virtual size: 904KB

.rdata
Size: 240KB - Virtual size: 240KB

.data
Size: 34KB - Virtual size: 52KB

.pdata
Size: 32KB - Virtual size: 31KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 30KB - Virtual size: 29KB