Download_Ready_293281[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Download_Ready_293281.exe
Size

7.6MB
MD5

0284f3219b72a5c61794ecdae1a48112
SHA1

5cb7b4c2d6e969673483be44db568da9ff935d0b
SHA256

b596b40413459b76a34d8ce7960ce3a0fadc663c07f8d9db926b85ba82d80837
SHA512

9c13958e3c8b84766950fd6656c558af277e8803418b94df1fefdd0090a4301cc56da1ac248eb2d09809a3c1580fdd930a65802eda894212ca7413f08a291d39
SSDEEP

196608:gBg1ldh91s2mx4PuqMwVajd4nXhE7OUGCZvb+CV4i8JRzY6SKR:gBgvbI2nXhE7OUGClb+CV4vDV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Download_Ready_293281.exe

Files

Download_Ready_293281.exe
.exe windows:6 windows x86 arch:x86

Password: Password

0ce137a890f197eabcfe5a8d343d5c2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
QueryPerformanceFrequency
TerminateProcess
CreateThread
UnhandledExceptionFilter
FindFirstFileW
WaitForSingleObject
GetModuleHandleA
GetProcAddress
SetFilePointer
GetEnvironmentVariableA
GetCommandLineW
ReadFile
TlsFree
GetFileSizeEx
WaitForMultipleObjects
RemoveDirectoryW
GetTempPathA
GetCurrentThreadId
InitializeSListHead
GetTickCount64
VerSetConditionMask
InitializeCriticalSectionAndSpinCount
FindClose
GetFileType
GetConsoleCP
GetModuleFileNameA
GetDateFormatW
RtlUnwind
HeapFree
FreeLibrary
GetFileSize
GetSystemInfo
CreateDirectoryA
InitializeCriticalSection
CloseHandle
IsValidCodePage
SetEndOfFile
GetOEMCP
FileTimeToSystemTime
GetFileInformationByHandle
WriteFile
CreateProcessA
GetTempPathW
ResetEvent
MultiByteToWideChar
ReleaseSRWLockExclusive
GetTempFileNameW
GetFileAttributesW
SetStdHandle
InitializeCriticalSectionEx
GetStdHandle
LeaveCriticalSection
EncodePointer
Sleep
GetCPInfo
SetCurrentDirectoryA
ReadConsoleW
FindFirstFileExA
ReleaseSemaphore
LoadLibraryExW
FindNextFileA
GetStringTypeW
GetCurrentProcess
HeapReAlloc
SetFileAttributesW
GetVersion
TlsAlloc
GetTimeFormatW
DeleteFileW
GetCurrentDirectoryW
CreateDirectoryW
SetCurrentDirectoryW
GetProcessAffinityMask
GetCurrentProcessId
FreeEnvironmentStringsW
GetModuleFileNameW
GetSystemDirectoryW
TlsSetValue
SetLastError
LocalFree
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleExW
RemoveDirectoryA
FindNextFileW
WriteConsoleW
HeapSize
GlobalMemoryStatus
GetFullPathNameW
GetSystemTimeAsFileTime
CreateEventA
SetEnvironmentVariableA
AcquireSRWLockExclusive
VerifyVersionInfoW
GetStartupInfoW
WaitForSingleObjectEx
SetEvent
GetTimeZoneInformation
FindFirstFileA
CompareStringW
GetACP
SystemTimeToTzSpecificLocalTime
FlushFileBuffers
LCMapStringW
GetLastError
VirtualFree
DeleteCriticalSection
LoadLibraryW
IsBadReadPtr
GetProcessHeap
RaiseException
GetCurrentDirectoryA
GetConsoleMode
HeapAlloc
GetCommandLineA
ExitProcess
TlsGetValue
WakeAllConditionVariable
GetEnvironmentStringsW
IsDebuggerPresent
CreateFileW
ExitThread
EnterCriticalSection
GetDriveTypeW
SetFileTime
FormatMessageW
CreateSemaphoreA
GetModuleHandleW
WideCharToMultiByte
PeekNamedPipe
GetTickCount
DecodePointer
TryAcquireSRWLockExclusive
FreeLibraryAndExitThread
VirtualAlloc
SleepEx
AreFileApisANSI
SetFileAttributesA
SetUnhandledExceptionFilter
GetFileAttributesA
CreateFileA
GetVersionExA
GetFileAttributesExW
DeleteFileA
FormatMessageA
SetFilePointerEx
MoveFileExW

user32

KillTimer
DialogBoxParamA
GetWindowLongA
DialogBoxParamW
ShowWindow
CharUpperW
SetWindowLongA
MessageBoxA
SetWindowTextA
DestroyWindow
SendMessageA
MessageBoxW
SetTimer
EndDialog
GetDlgItem
SetWindowTextW
LoadStringW
PostMessageA
CharUpperA
LoadIconA
LoadStringA

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

crypt32

CertFreeCertificateContext
CryptDecodeObjectEx
CertEnumCertificatesInStore
CertFreeCertificateChainEngine
CertFindExtension
CertGetNameStringW
CertFindCertificateInStore
CertCloseStore
CertOpenStore
CryptStringToBinaryW
CryptQueryObject
PFXImportCertStore
CertGetCertificateChain
CertFreeCertificateChain
CertAddCertificateContextToStore
CertCreateCertificateChainEngine

advapi32

CryptDestroyKey
CryptDestroyHash
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptCreateHash
CryptEncrypt
CloseServiceHandle
CryptHashData
CryptGetHashParam
CryptImportKey

ws2_32

socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
__WSAFDIsSet
select
accept
htonl
listen
getaddrinfo
WSAEventSelect
recvfrom
sendto
ioctlsocket
gethostname
send
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
bind
recv
WSAGetLastError
closesocket
WSACreateEvent
freeaddrinfo
WSAResetEvent
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSACloseEvent

wldap32

ord301
ord147
ord219
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord117
ord41
ord208
ord73
ord216
ord14
ord46
ord145

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Password

0ce137a890f197eabcfe5a8d343d5c2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

oleaut32

crypt32

advapi32

ws2_32

wldap32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 123KB - Virtual size: 122KB

.data Size: 6KB - Virtual size: 18KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 33KB - Virtual size: 32KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 123KB - Virtual size: 122KB

.data
Size: 6KB - Virtual size: 18KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 33KB - Virtual size: 32KB