Download_Ready_949677[.]exe

Resubmissions

23/06/2024, 23:49

240623-3t63ksyekc 7

23/06/2024, 23:44

240623-3rjt9ssbnq 8

Sharing

Copy URL

Twitter E-mail

General

Target

Download_Ready_949677.exe
Size

18.6MB
MD5

21fb332b80e580e49b245c4d7ac004c2
SHA1

6461e9c57a5629aba7853b9b66de393380e97390
SHA256

91326f08ec19b2d5c0ad796c613d20dab9b10adab2d0324edf74855a3b899b33
SHA512

6040e6e1554cba5f739842974e0b525230be3c09f045917e4a018e1a9b7bf3d23f52db792393b9d83e7acd3ab757f49ac0f050f832f0101936d829e998ff43af
SSDEEP

393216:Bcyq003lt3tpZJk6/8U3QYDez3QzCQSPIaXSz69II65rUVb:B43lt3tpZJk6/b3ivhdS+9Ix5rUVb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Download_Ready_949677.exe

Files

Download_Ready_949677.exe
.exe windows:6 windows x86 arch:x86

b18fa727d56c0fd5aa8ffc42b7b23e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

ExitProcess
DecodePointer
GetSystemTimeAsFileTime
SetFilePointer
WaitForMultipleObjects
FreeLibraryAndExitThread
SetFileAttributesA
WideCharToMultiByte
GetConsoleCP
GetFileSize
RemoveDirectoryW
InitializeCriticalSection
TlsFree
IsValidLocale
EnumSystemLocalesW
GetCommandLineW
GetTempPathA
AcquireSRWLockExclusive
FormatMessageW
GetEnvironmentStringsW
GetStdHandle
GetFileSizeEx
RtlUnwind
lstrcatA
SetStdHandle
GetModuleHandleExW
SetFileTime
CreateDirectoryA
FileTimeToSystemTime
TlsGetValue
LoadLibraryA
GetCurrentDirectoryA
GetCommandLineA
LocalFree
GlobalMemoryStatus
InitializeCriticalSectionEx
SetUnhandledExceptionFilter
ReleaseSemaphore
GetFileAttributesA
GetStartupInfoW
QueryPerformanceFrequency
FindNextFileA
MultiByteToWideChar
LoadLibraryW
WaitForSingleObject
GetModuleFileNameW
RaiseException
SleepEx
WaitForSingleObjectEx
EnterCriticalSection
ReadConsoleW
lstrlenA
WriteConsoleW
GetUserDefaultLCID
Sleep
GetVersion
WakeAllConditionVariable
LeaveCriticalSection
GetTimeFormatW
SetEndOfFile
GetTickCount64
CloseHandle
FreeLibrary
ReadFile
GetDateFormatW
VirtualAlloc
GetCurrentProcess
FindFirstFileA
CreateThread
SetEvent
GetCurrentProcessId
GetDriveTypeW
QueryPerformanceCounter
GetTimeZoneInformation
InitializeSListHead
SetCurrentDirectoryA
GetLastError
TryAcquireSRWLockExclusive
HeapFree
GetProcessHeap
TlsAlloc
MoveFileExW
IsValidCodePage
WriteFile
ReleaseSRWLockExclusive
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
ResetEvent
GetFileInformationByHandle
LoadLibraryExW
GetModuleHandleW
GetLocaleInfoW
FindFirstFileExA
GetTempPathW
RemoveDirectoryA
PeekNamedPipe
CreateFileW
IsDebuggerPresent
GetLocaleInfoEx
GetConsoleMode
CreateDirectoryW
ExitThread
GetFullPathNameW
SetFilePointerEx
VerifyVersionInfoW
TlsSetValue
GetFinalPathNameByHandleW
SetEnvironmentVariableA
AreFileApisANSI
IsProcessorFeaturePresent
SetLastError
HeapAlloc
GetEnvironmentVariableA
GetCPInfo
GetCurrentDirectoryW
GetTickCount
FindNextFileW
CreateSemaphoreA
GetSystemInfo
CreateEventA
GetOEMCP
GetSystemDirectoryW
CreateFileA
GetCurrentThreadId
VerSetConditionMask
FindClose
TerminateProcess
CompareStringW
SetFileAttributesW
GetProcessAffinityMask
GetFileAttributesExW
GetFileAttributesW
UnhandledExceptionFilter
GetACP
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
VirtualFree
DeleteFileW
DeleteCriticalSection
DeleteFileA
FindFirstFileW
HeapReAlloc
FlushFileBuffers
GetProcAddress
EncodePointer
GetVersionExA
LCMapStringW
GetStringTypeW
FreeEnvironmentStringsW
LCMapStringEx
FormatMessageA
GetFileType
HeapSize
SetCurrentDirectoryW

user32

GetWindowLongA
LoadStringW
GetDlgItem
SendMessageA
SetWindowTextA
CharUpperA
wsprintfA
ShowWindow
DestroyWindow
LoadStringA
DialogBoxParamW
EndDialog
MessageBoxW
SetTimer
SetWindowTextW
KillTimer
CharUpperW
MessageBoxA
DialogBoxParamA
PostMessageA
LoadIconA
SetWindowLongA

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

advapi32

CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptDestroyHash

crypt32

CertEnumCertificatesInStore
PFXImportCertStore
CertFindExtension
CertOpenStore
CertFreeCertificateContext
CertFreeCertificateChain
CryptDecodeObjectEx
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertGetNameStringW
CryptQueryObject
CertCloseStore
CertAddCertificateContextToStore
CryptStringToBinaryW
CertFindCertificateInStore

wldap32

ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133

ws2_32

gethostname
htons
getsockopt
send
WSAWaitForMultipleEvents
freeaddrinfo
WSAEnumNetworkEvents
WSACreateEvent
getaddrinfo
WSAEventSelect
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
WSAIoctl
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
WSACloseEvent
WSAResetEvent
recvfrom
sendto
getpeername

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

b18fa727d56c0fd5aa8ffc42b7b23e67

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

bcrypt

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.rdata Size: 200KB - Virtual size: 200KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 71KB - Virtual size: 71KB

.text
Size: 6.0MB - Virtual size: 6.0MB

.rdata
Size: 200KB - Virtual size: 200KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 71KB - Virtual size: 71KB