Download_Ready-66238[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Download_Ready-66238.zip
Size

43.7MB
MD5

93045aac14e39d730d5714aa45688ea0
SHA1

6d318bfe8276c77c3554ee8b8bfb7c86d69701c9
SHA256

38c0f723ada4fb0e78b153e8d8ac1ffc6d602b92c1f02dfbf310ff75ee2dc138
SHA512

a329f8e5611d17fb0f2fccb41c26697344bcefc369c6fd2e2a301dd7a2d3fd80371235e6881eb81b4d086a28661f1ce1a5950713535ce12617a9e62b782878bb
SSDEEP

786432:aYtMDfNyg/07BDaZ1Y9t1I5HU/JPJm2k76K2K6cMKR0VeBKk+is:tc907Ym14HEJPo2pTARhEis

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Installation_2025.exe

Files

Download_Ready-66238.zip
.zip
Installation_2025.exe
.exe windows:6 windows x86 arch:x86

30870120dea0780a6415e5356fb0f4f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

HeapAlloc
GetCurrentProcess
MultiByteToWideChar
LeaveCriticalSection
WriteConsoleW
GetEnvironmentStringsW
SetFileAttributesW
GetCurrentProcessId
ReadFile
CreateFileW
InitializeCriticalSection
GetFileAttributesW
VirtualFree
GetCurrentThreadId
SetEndOfFile
LoadLibraryExW
IsDebuggerPresent
WaitForSingleObjectEx
LoadLibraryA
FormatMessageW
lstrlenA
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
TlsSetValue
GetVersion
DeleteFileA
lstrcatA
TlsAlloc
InitializeSListHead
GetACP
GetFileAttributesA
RtlUnwind
GetProcessHeap
LCMapStringW
ReleaseSRWLockExclusive
SetCurrentDirectoryW
GetFileType
FindFirstFileW
FreeLibraryAndExitThread
SetFilePointer
DeleteCriticalSection
SetFilePointerEx
GetCommandLineA
LCMapStringEx
IsValidCodePage
TerminateProcess
VerifyVersionInfoW
GetSystemInfo
HeapFree
Sleep
CreateSemaphoreA
GetModuleFileNameA
SetEnvironmentVariableA
HeapReAlloc
FileTimeToSystemTime
SetLastError
DeleteFileW
ExitThread
GetProcAddress
VerSetConditionMask
CreateDirectoryA
ReleaseSemaphore
TlsGetValue
WideCharToMultiByte
GetModuleFileNameW
ReadConsoleW
SetCurrentDirectoryA
FindFirstFileExA
GetEnvironmentVariableA
FindNextFileW
MoveFileExW
RemoveDirectoryA
SleepEx
CloseHandle
IsValidLocale
FindFirstFileA
FindClose
FormatMessageA
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateThread
QueryPerformanceFrequency
GetLastError
GetFinalPathNameByHandleW
GetFullPathNameW
GetTickCount
LocalFree
GetCPInfo
EnumSystemLocalesW
GetTempPathA
GetConsoleCP
GetTickCount64
LoadLibraryW
GetCommandLineW
GetTimeZoneInformation
GetStdHandle
SetFileTime
GetSystemTimeAsFileTime
GetSystemDirectoryW
CreateDirectoryW
FreeEnvironmentStringsW
WakeAllConditionVariable
CreateEventA
VirtualAlloc
GetTimeFormatW
GetFileSize
TlsFree
TryAcquireSRWLockExclusive
GetFileInformationByHandle
GetConsoleMode
GetUserDefaultLCID
GetFileAttributesExW
AreFileApisANSI
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
RemoveDirectoryW
EnterCriticalSection
ResetEvent
GlobalMemoryStatus
WaitForSingleObject
HeapSize
GetCurrentDirectoryA
ExitProcess
GetCurrentDirectoryW
GetTempPathW
CreateFileA
GetModuleHandleExW
GetProcessAffinityMask
GetStringTypeW
PeekNamedPipe
EncodePointer
FlushFileBuffers
SetFileAttributesA
GetStartupInfoW
FreeLibrary
GetLocaleInfoW
SetStdHandle
GetOEMCP
FindNextFileA
GetVersionExA
GetDateFormatW
GetFileSizeEx
GetDriveTypeW
InitializeCriticalSectionEx
RaiseException
SetUnhandledExceptionFilter
CompareStringW
GetModuleHandleA
WriteFile
QueryPerformanceCounter
WaitForMultipleObjects
GetLocaleInfoEx
DecodePointer
SetEvent

user32

DestroyWindow
DialogBoxParamW
wsprintfA
CharUpperA
DialogBoxParamA
PostMessageA
ShowWindow
KillTimer
LoadIconA
GetWindowLongA
LoadStringW
SetWindowLongA
MessageBoxA
SendMessageA
SetWindowTextW
CharUpperW
LoadStringA
GetDlgItem
SetWindowTextA
MessageBoxW
EndDialog
SetTimer

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

advapi32

CryptGetHashParam
CryptCreateHash
CryptAcquireContextW
CryptDestroyKey
CryptHashData
CryptReleaseContext
CryptDestroyHash
CryptEncrypt
CryptImportKey

crypt32

CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CertCloseStore
CertGetNameStringW
CertCreateCertificateChainEngine
CertGetCertificateChain
CertEnumCertificatesInStore
CryptStringToBinaryW
CertFreeCertificateContext
CryptQueryObject
CertFreeCertificateChain
CertFindCertificateInStore
CertFindExtension
CryptDecodeObjectEx
PFXImportCertStore
CertOpenStore

wldap32

ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133

ws2_32

gethostname
htons
getsockopt
send
WSAEnumNetworkEvents
getaddrinfo
WSAIoctl
WSACloseEvent
freeaddrinfo
WSAResetEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
WSACreateEvent
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
WSAWaitForMultipleEvents
WSAEventSelect
recvfrom
sendto
getpeername

Sections

.text
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30870120dea0780a6415e5356fb0f4f0

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

bcrypt

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 6.1MB - Virtual size: 6.1MB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 72KB - Virtual size: 71KB

.text
Size: 6.1MB - Virtual size: 6.1MB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 72KB - Virtual size: 71KB