bfc6d4163bcb72b224bc9900e5e3eafa7314477d7b9b90749fdf36b9f7986e1e

Sharing

Copy URL

Twitter E-mail

General

Target

bfc6d4163bcb72b224bc9900e5e3eafa7314477d7b9b90749fdf36b9f7986e1e
Size

462KB
MD5

0bd1ab4d56ea633a43824c8d4ad8e895
SHA1

c634a2cbc2b7b3f76e0eeacde38977fbfde2a0a0
SHA256

bfc6d4163bcb72b224bc9900e5e3eafa7314477d7b9b90749fdf36b9f7986e1e
SHA512

373051257e0c3446b921def6068b4189f54a352b24ad1c4d641ef0b751b113fbc4cbae49de8779192835310b20fe0cb920c608109db61336ece1ded935169694
SSDEEP

12288:3t6zTgq23yDK8vnU4FH1E6mrKrClBdCkUcHBXOe9RP6Jz:yTS3yDK8vnfFH66mrKrClBhUcHP6F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc6d4163bcb72b224bc9900e5e3eafa7314477d7b9b90749fdf36b9f7986e1e

Files

bfc6d4163bcb72b224bc9900e5e3eafa7314477d7b9b90749fdf36b9f7986e1e
.exe windows:4 windows x86 arch:x86

6f74612eaf3bfb86c54ee9769537e9c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\haozip_3.0_Release\rczip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetMalloc
SHGetFileInfoW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

kernel32

CreateFileA
FreeLibrary
GetProcessHeap
HeapAlloc
GetLastError
GetProcAddress
HeapFree
LoadLibraryW
GetModuleFileNameW
LocalFree
WaitForSingleObject
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
CloseHandle
SetFileApisToOEM
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableW
SetThreadPriority
GetCurrentProcess
GetModuleHandleW
GetVersionExW
CreateFileW
ExpandEnvironmentStringsW
GetCommandLineW
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
FindNextFileW
FindFirstFileW
FindClose
FormatMessageW
InterlockedExchangeAdd
SetEndOfFile
SetFileTime
WriteFile
GetFileSize
ReadFile
SetFilePointer
MultiByteToWideChar
WideCharToMultiByte
GetACP
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetFileAttributesW
GetLongPathNameW
MoveFileW
lstrlenW
GetTempPathW
GetFullPathNameW
GetWindowsDirectoryW
GetTempFileNameW
SetEvent
ResetEvent
CreateEventW
FindResourceW
FileTimeToSystemTime
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
HeapReAlloc
VirtualAlloc
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
WaitForMultipleObjects
ResumeThread
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetVersionExA
GetStartupInfoW
ExitThread
GetCurrentThreadId
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetOEMCP
IsValidCodePage

user32

LoadIconW
ScreenToClient
TranslateMessage
IsWindowVisible
EnableWindow
GetMessageW
DispatchMessageW
SetTimer
DestroyIcon
IsWindow
MessageBoxW
ShowWindow
PostMessageW
DialogBoxParamW
SetWindowPos
GetWindowRect
GetSystemMetrics
GetDlgItem
SendMessageW
EndDialog
SetFocus
GetWindowTextW
SetWindowTextW
CreateDialogParamW
IsDialogMessageW
GetActiveWindow
GetDesktopWindow
LoadStringW
PostQuitMessage
KillTimer

gdi32

CreateSolidBrush
DeleteObject

ole32

CoUninitialize
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoInitialize

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f74612eaf3bfb86c54ee9769537e9c5

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

ole32

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 79KB - Virtual size: 78KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 79KB - Virtual size: 78KB