InstagramPasswordDecryptor[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

InstagramPasswordDecryptor.zip
Size

1.7MB
MD5

1c11f578a3f6b880ee5835d601f6ad31
SHA1

56db4a48c6d3e00f06f11319c6e7bd477138c8bb
SHA256

e74f9bb764d9557e311e048d8c12d0b337d77de09d5e05c2515cad44f19fd38d
SHA512

6605844c2ef6d43c41dd4dfd6321131caa3469719b48940c036ce67fb1138e882a24be64a2957ca344c3837dc151ca60624fd5fbbdd3015ac5f708640ef5dda7
SSDEEP

49152:HQTWL5IDXDal9knx5mARo0CaPnznKI5Hz51GFxH:Hx5fc7dFznKI5Hz51wh

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/InstagramPasswordDecryptor/InstagramPasswordDecryptor.exe

Files

InstagramPasswordDecryptor.zip
.zip
InstagramPasswordDecryptor/Get Enterprise Edition.html
.html
InstagramPasswordDecryptor/InstagramPasswordDecryptor.exe
.exe windows:5 windows x86 arch:x86

e6236fc66820144df9512d9d75430b90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\projects\windows\InstagramPasswordDecryptor\Release\InstagramPasswordDecryptor.pdb

Imports

kernel32

FindFirstFileExA
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStdHandle
ExitProcess
SetStdHandle
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
QueryPerformanceFrequency
IsValidCodePage
GetEnvironmentStringsW
SetEnvironmentVariableA
FreeEnvironmentStringsW
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
ResetEvent
SearchPathA
GetProfileIntA
GetTempFileNameA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
FindResourceExW
lstrcpyA
GetACP
GetVolumeInformationA
lstrcmpiA
GetThreadLocale
FileTimeToSystemTime
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
MulDiv
GlobalFree
GlobalSize
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
SetLastError
EncodePointer
DosDateTimeToFileTime
CreateDirectoryA
GetFileType
DuplicateHandle
GetCurrentDirectoryA
SetFileTime
FlushFileBuffers
QueryPerformanceCounter
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetCurrentProcessId
LockFileEx
UnlockFile
HeapCompact
LoadLibraryW
GetSystemInfo
DeleteFileW
WaitForSingleObjectEx
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetDiskFreeSpaceA
FormatMessageW
Sleep
HeapValidate
GetVersionExW
GetCurrentThreadId
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LeaveCriticalSection
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
WriteFile
GetFullPathNameW
EnterCriticalSection
HeapCreate
TryEnterCriticalSection
ReadFile
AreFileApisANSI
SetDllDirectoryA
GetTickCount
MapViewOfFile
WideCharToMultiByte
GetFileSize
LocalFree
CreateFileMappingA
FindResourceW
DeleteFileA
CreateFileA
CopyFileA
GetTempPathA
UnmapViewOfFile
WaitForSingleObject
FindClose
FindNextFileA
FindFirstFileA
SizeofResource
GetModuleFileNameA
FreeLibrary
lstrcpynA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GlobalUnlock
CreateProcessA
GlobalLock
LoadResource
CloseHandle
GlobalAlloc
LockResource
GetVersionExA
GetCurrentThread
GetFileAttributesA
GetSystemWindowsDirectoryA
GetModuleHandleA
FindResourceA
GetCurrentProcess
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapQueryInformation
HeapFree

user32

CharUpperA
LoadCursorW
WaitMessage
KillTimer
SetTimer
DeleteMenu
GetAsyncKeyState
RealChildWindowFromPoint
GetSysColorBrush
CopyImage
IntersectRect
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
GetSystemMetrics
MapDialogRect
SetWindowContextHelpId
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
ReleaseDC
GetDC
MapVirtualKeyA
GetKeyNameTextA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
HideCaret
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
UnregisterClassA
SetClipboardData
GetSysColor
EmptyClipboard
CloseClipboard
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
IsRectEmpty
MessageBeep
TrackMouseEvent
LoadImageW
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
RegisterClipboardFormatA
DrawFocusRect
DrawIconEx
GetWindow
EnableScrollBar
OpenClipboard
EnableWindow
SendMessageA
LoadImageA
GetCursorPos
InvalidateRect
UpdateWindow
GetClientRect
AppendMenuA
LoadIconA
LoadIconW
GetActiveWindow
GetSubMenu
LoadMenuW
GetSystemMenu
ReleaseCapture
PtInRect
GetParent
SetCursor
SetCapture
SetWindowLongA
RedrawWindow
LoadCursorA
DrawStateA
DrawEdge
GetNextDlgGroupItem
SetRectEmpty
GetWindowLongA
ClientToScreen
DestroyIcon
GetCapture
OffsetRect
WindowFromPoint
GetIconInfo
PostMessageA
InflateRect
GetWindowRect
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
UnhookWindowsHookEx
RegisterWindowMessageA
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
PostThreadMessageA
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
SetScrollRange
IsClipboardFormatAvailable

gdi32

RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExA
PtVisible
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
PatBlt
CreateRectRgnIndirect
SetTextColor
SetBkColor
SelectObject
SetDIBitsToDevice
SetStretchBltMode
CreateFontIndirectA
GetObjectA
BitBlt
CreateCompatibleBitmap
CreateFontA
CreateCompatibleDC
GetStockObject
CreatePalette
DeleteObject

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

CryptReleaseContext
CryptGetHashParam
RegOpenKeyExA
OpenProcessToken
CryptDestroyHash
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
CryptDestroyKey
GetUserNameA
CryptDecrypt
RegEnumValueA
CryptSetKeyParam
CryptImportKey
AdjustTokenPrivileges
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
LookupPrivilegeValueA
CryptCreateHash
CryptHashData

shell32

SHGetFolderPathA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
InitCommonControlsEx
ImageList_Draw

shlwapi

PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent

ole32

CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
VariantChangeType
SysFreeString
VariantClear
SysAllocStringLen
VariantInit

oledlg

ord8

crypt32

CryptUnprotectData

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 515KB - Virtual size: 514KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstagramPasswordDecryptor/Readme.html
.html
InstagramPasswordDecryptor/Security_Xploded_License.pdf
.pdf
- http://SecurityXploded.com
- http://securityxploded.com

Sharing

General

Malware Config

Signatures

Files

e6236fc66820144df9512d9d75430b90

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

crypt32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 515KB - Virtual size: 514KB

.data Size: 70KB - Virtual size: 122KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 539KB - Virtual size: 539KB

.reloc Size: 146KB - Virtual size: 145KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 515KB - Virtual size: 514KB

.data
Size: 70KB - Virtual size: 122KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 539KB - Virtual size: 539KB

.reloc
Size: 146KB - Virtual size: 145KB