Proceso_Civil_Juridico_N°_41731913[.]tar

Sharing

Copy URL

Twitter E-mail

General

Target

Proceso_Civil_Juridico_N°_41731913.tar
Size

820KB
MD5

c87245e9194c8454ba37f1106a789e87
SHA1

28fdb1feb557d74dab45eb2ccae34155b5fa4f4d
SHA256

5f32f73950f142eb453b956e2424742fbd93e399333561ce57a4c691f16df8d2
SHA512

e1db26e5507ae55fb875ff7e6968fbd8300d1c0ef264a2b7d1df453177ff27008a1a206517a65d45c58dce1bf3a5fbf0cc945d02522ae3c089ee2793ecd80535
SSDEEP

24576:s3Pxd9Db3IHTJYKlP3J9kGt6X5xOBEJIpci2u6HSc:SfDLkNtHk6c5AqJxi2u6HSc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Proceso_Civil_Juridico_N°_41731913..exe

Files

Proceso_Civil_Juridico_N°_41731913.tar
.rar

Password: 2023
Proceso_Civil_Juridico_N°_41731913..exe
.exe windows:4 windows x86 arch:x86

Password: 2023

4729ce5a9b6572afe0753b3c74b53a8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetTickCount
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
GetOEMCP
GetACP
GetSystemInfo
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualQuery
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
Sleep
MulDiv
DeleteFileA
GetVersionExA
IsBadWritePtr
GetLastError
OutputDebugStringA
GetCurrentThreadId
SetErrorMode
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetWindowsDirectoryA
GetModuleHandleA
CreateMutexA
GetCommandLineA
CloseHandle
InterlockedIncrement
InterlockedDecrement
GetFileTime
CreateFileA
WideCharToMultiByte
GetLocaleInfoA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
GetStartupInfoA
ExitProcess
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
IsBadReadPtr
GetSystemTimeAsFileTime
TerminateProcess
GetCPInfo
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsFree
SetLastError
TlsAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCurrentProcessId
FlushFileBuffers
SetFilePointer
ReadFile
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadCodePtr
VirtualProtect
SetCurrentDirectoryA

user32

GetClientRect
ClientToScreen
MoveWindow
SystemParametersInfoA
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
DefWindowProcA
EndPaint
DrawTextA
FillRect
BeginPaint
SetFocus
GetFocus
GetWindowLongA
AdjustWindowRect
ReleaseDC
GetDC
GetDesktopWindow
DestroyWindow
GetWindowTextA
ShowWindow
SendMessageA
SetTimer
SetWindowLongA
CreateWindowExA
ClipCursor
LoadIconA
LoadCursorA
GetSysColor
SetWindowTextA
GetSysColorBrush
SetCursor
DrawTextExA
OffsetRect
ScreenToClient
GetCursorPos
CloseClipboard
SetClipboardData
OpenClipboard
EndDialog
GetDlgItem
DialogBoxIndirectParamA
ReleaseCapture
SetCapture
WindowFromPoint
PeekMessageA
GetClipboardData
GetWindowPlacement
CloseWindow
SetForegroundWindow
GetSystemMetrics
CreateCursor
PostMessageA
RegisterWindowMessageA
DestroyCursor
RegisterClassA
ShowCursor
MessageBoxA
SetCursorPos
GetWindowRect

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA

winmm

mixerGetLineControlsA
mixerSetControlDetails
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
timeGetTime
mixerGetControlDetailsA
mixerClose
timeBeginPeriod
timeEndPeriod

wsock32

__WSAFDIsSet
select
WSACleanup
closesocket
recv
send
WSAGetLastError
connect
WSAStartup
socket
inet_ntoa
htons
gethostbyname
ioctlsocket

gdi32

CreateFontA
SelectObject
SetBkMode
SetTextColor
TextOutA
CreateSolidBrush
DeleteObject
GetTextExtentPoint32A
IntersectClipRect
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA
GetObjectA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 984KB - Virtual size: 982KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 556KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

4729ce5a9b6572afe0753b3c74b53a8f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

wsock32

gdi32

shell32

ole32

oleaut32

Sections

.text Size: 984KB - Virtual size: 982KB

.rdata Size: 208KB - Virtual size: 204KB

.data Size: 24KB - Virtual size: 252KB

.rsrc Size: 556KB - Virtual size: 554KB

.text
Size: 984KB - Virtual size: 982KB

.rdata
Size: 208KB - Virtual size: 204KB

.data
Size: 24KB - Virtual size: 252KB

.rsrc
Size: 556KB - Virtual size: 554KB