Install Zaxwerks 3D Flag AE 4[.]0[.]0 Windows[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Install Zaxwerks 3D Flag AE 4.0.0 Windows.exe
Size

3.0MB
MD5

0ac9429719ec5dcec70f4bbbecef6aba
SHA1

012684c8cc42a4cb77abe63f4d8d2c382fee16c0
SHA256

4c6497b3c2730cf273638c87e8e45588767b3b28fedef6cefd16b1a805af1826
SHA512

740cb64836f56bdcfbb91b5dc607170381f7266ee0657863901f4d915ad6f671dbf52182d15c0af2bee4e90bb596e18835a117af44a9777c26a13148bdb10766
SSDEEP

49152:hPJKQw4y5Kw6I7Vdz0ieGLReM12XbzVY+hHcXm14jZN:90mgXV2ieGLReTHZhHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Install Zaxwerks 3D Flag AE 4.0.0 Windows.exe

Files

Install Zaxwerks 3D Flag AE 4.0.0 Windows.exe
.exe windows:5 windows x86 arch:x86

f96eed933e22bbcc1098b3db496d0133

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\Zax6\_Projects\ZaxwerksWin\Release\Zinstaller - 32-Bit.pdb

Imports

gdiplus

GdipFree
GdipCloneBrush
GdiplusStartup
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateFromHDC
GdipCreateFontFamilyFromName
GdipDrawString
GdipCreateFont
GdipAlloc
GdipCreateSolidFill
GdipDeleteFontFamily
GdipSetStringFormatAlign
GdipDeleteGraphics
GdipDeleteFont
GdipSetTextRenderingHint
GdipMeasureString
GdipDeleteBrush

imm32

ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext

comctl32

InitCommonControlsEx
_TrackMouseEvent

kernel32

GlobalUnlock
VirtualQuery
GetCurrentThread
GetTickCount
Sleep
GetCurrentThreadId
FindResourceA
LockResource
FreeResource
LoadResource
GlobalDeleteAtom
GlobalAddAtomA
FormatMessageA
GlobalFindAtomA
LocalFree
GlobalAlloc
GlobalFree
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetSystemDirectoryA
GetProcAddress
WritePrivateProfileStringA
GetSystemInfo
GetModuleHandleA
GetCurrentDirectoryA
GetVersionExA
FreeLibrary
LoadLibraryA
SetCurrentDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapSize
GetModuleFileNameW
GetStdHandle
FileTimeToLocalFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalLock
TerminateProcess
GetCPInfo
LCMapStringW
FindFirstFileExA
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
ExitProcess
GetModuleHandleW
RtlUnwind
HeapAlloc
HeapFree
MultiByteToWideChar
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryW
CloseHandle
GetFileType
FindNextFileA
GetModuleFileNameA
FindClose
RemoveDirectoryA
GetLastError
FindFirstFileA
CreateDirectoryA
ReadFile
FileTimeToSystemTime
GetFileAttributesA
WriteFile
SetFilePointer
GetFileSize
CreateFileA
DeleteFileA
GetCurrentProcess
GetCurrentProcessId
IsProcessorFeaturePresent
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
SetLastError
CreateFileW

user32

SetPropA
UnregisterClassA
EnumChildWindows
GetClassInfoA
AdjustWindowRectEx
DefMDIChildProcA
IsWindowVisible
MapWindowPoints
MessageBoxA
PtInRect
MoveWindow
DestroyWindow
InflateRect
GetForegroundWindow
InvalidateRect
CreateWindowExA
DefWindowProcA
CheckDlgButton
IsDlgButtonChecked
RegisterClassA
GetMessageA
SetParent
CreateMDIWindowA
IsWindowEnabled
LoadIconA
SetCapture
GetClassNameA
ScreenToClient
SetActiveWindow
PostQuitMessage
TranslateMessage
BringWindowToTop
PeekMessageA
TranslateAcceleratorA
GetCursorPos
IsWindow
DispatchMessageA
ReleaseCapture
TranslateMDISysAccel
EnumThreadWindows
GetPropA
GetFocus
GetParent
GetClientRect
SetFocus
SendMessageA
GetWindowTextA
GetAsyncKeyState
PostMessageA
UpdateWindow
EnableWindow
EndPaint
InvertRect
FillRect
DrawTextA
BeginPaint
DrawFocusRect
GetTabbedTextExtentA
FrameRect
ChildWindowFromPointEx
GetWindowRect
SetWindowLongA
GetWindowLongA
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
GetSystemMetrics
SetWindowTextA
DialogBoxParamA
SetDlgItemTextA
GetDC
ReleaseDC
SetCursor
MessageBeep
LoadCursorA
ClientToScreen

gdi32

Ellipse
AngleArc
IntersectClipRect
CreateRectRgn
FillRgn
CreateCompatibleDC
SelectClipRgn
SetBkMode
ExcludeClipRect
MoveToEx
RoundRect
GetTextExtentPoint32A
DeleteObject
SetBrushOrgEx
CreateFontA
CreateHatchBrush
SetViewportOrgEx
FrameRgn
GetWindowOrgEx
SetWindowOrgEx
CreatePolygonRgn
GetClipRgn
GetStockObject
DeleteDC
CreateDIBSection
SetDIBitsToDevice
CreateSolidBrush
CreatePen
SelectObject
SetBkColor
LineTo
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegOpenKeyExA

shell32

SHGetMalloc
SHBrowseForFolderA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderPathA
SHGetPathFromIDListA

ole32

CoInitializeEx

ws2_32

ntohl
htonl
ntohs
htons

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 955KB - Virtual size: 954KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 381.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 439KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f96eed933e22bbcc1098b3db496d0133

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

imm32

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 955KB - Virtual size: 954KB

.data Size: 65KB - Virtual size: 381.5MB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 439KB - Virtual size: 439KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 955KB - Virtual size: 954KB

.data
Size: 65KB - Virtual size: 381.5MB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 439KB - Virtual size: 439KB