Static task: static1
Behavioral task: behavioral1
Sample: ACTA DEL EXPEDIENTE N° 4528-2932-22.exe
Resource: win7-20240704-en
General
Target: ACTA DEL EXPEDIENTE N° 4528-2932-22.exe
Size: 1.5MB
MD5: af378b7909440034d7400a16d28675fe
SHA1: c10fa3770480f1147a230130802e60916a2bb459
SHA256: 6223e05abb8fda88b2cb2cc3a18199f1781db887d39f77426d9fce6579a97670
SHA512: a0d9cc46b4f3e87cca6a5dc7f6ba14b026864556282e824b3d179a0bd241829b773aa9ed52d6b949ecfe330a40dd1b8a26c88c25ba665d5bab3a0d4ec00b3754
SSDEEP: 49152:0i0mLW8TZ70RwLL3mMjrQE0gGp03TGFeJgc8XtJrYtVdZTROwF8NRLdCg4g6e3di:5B32MoNgfTScMJxKbL5Yo
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: ACTA DEL EXPEDIENTE N° 4528-2932-22.exe
Files
ACTA DEL EXPEDIENTE N° 4528-2932-22.exe.exe windows:4 windows x86 arch:x86
db949fd8436ead5de2f1529b436c550d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_DragLeave
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetIcon
PropertySheetA
ord17
ImageList_EndDrag
ImageList_GetBkColor
ImageList_Draw
_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_Create
ImageList_Add
ImageList_Destroy
ImageList_SetBkColor
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_GetImageCount
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
kernel32
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
VirtualProtect
VirtualQuery
VirtualFree
ResetEvent
CreateEventA
GetTempPathA
SetLastError
CreateThread
CompareFileTime
GetFileTime
IsDBCSLeadByte
SetCurrentDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryA
LocalFree
FormatMessageA
GetDateFormatA
GetFullPathNameA
SetFileTime
SetFileAttributesA
FindResourceA
FileTimeToSystemTime
LocalFileTimeToFileTime
GetLocalTime
ReleaseMutex
GetTimeFormatA
FileTimeToLocalFileTime
SetEndOfFile
GetDriveTypeA
GetLogicalDriveStringsA
GetVolumeInformationA
LockResource
LoadResource
GetFileInformationByHandle
GlobalSize
SetEvent
TerminateThread
SetThreadPriority
GetFileSize
DeviceIoControl
GetDiskFreeSpaceA
GetComputerNameA
CreateDirectoryA
DeleteFileA
GetShortPathNameA
SearchPathA
RemoveDirectoryA
MoveFileA
FlushFileBuffers
GetNumberFormatA
GetStringTypeExA
FoldStringA
CreateProcessA
FreeResource
SizeofResource
UnmapViewOfFile
SetThreadExecutionState
GetACP
IsValidCodePage
EnumResourceNamesA
CopyFileA
GlobalDeleteAtom
LoadLibraryExA
GlobalAddAtomA
HeapDestroy
lstrcmpiW
FindFirstChangeNotificationA
FindNextChangeNotification
FindCloseChangeNotification
WaitForSingleObject
ResumeThread
WritePrivateProfileSectionA
WritePrivateProfileStructA
ExpandEnvironmentStringsA
DeleteCriticalSection
lstrcatA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetPrivateProfileStructA
lstrcpynW
SetErrorMode
WideCharToMultiByte
lstrlenW
lstrcmpA
lstrcpyW
GetSystemTimeAsFileTime
lstrcmpiA
GetPrivateProfileSectionNamesA
GetTickCount
OpenFileMappingA
CreateFileMappingA
GetLastError
MapViewOfFile
CreateMutexA
GetCommandLineA
SetEnvironmentVariableA
InitializeCriticalSection
GetSystemInfo
SetUnhandledExceptionFilter
SystemTimeToFileTime
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileSectionA
GetFileAttributesA
CreateFileA
Sleep
ReadFile
WriteFile
CloseHandle
GetVersionExA
GetModuleHandleA
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
VirtualAlloc
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpynA
OutputDebugStringA
DebugBreak
MultiByteToWideChar
MulDiv
FindClose
FindFirstFileA
FindNextFileA
InterlockedIncrement
lstrlenA
lstrcpyA
InterlockedDecrement
LocalAlloc
InterlockedExchange
RaiseException
SetFilePointer
GetStartupInfoA
user32
OffsetRect
DeleteMenu
SetMenuItemInfoA
CreatePopupMenu
InsertMenuA
GetMenuItemInfoA
GetMenuItemCount
InsertMenuItemA
DestroyAcceleratorTable
FindWindowA
CharLowerBuffA
CharUpperBuffA
wsprintfA
GetWindowTextA
EnumWindows
RegisterWindowMessageA
LoadImageA
SendMessageTimeoutA
GetAsyncKeyState
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetDC
GetFocus
GetClassNameA
CharUpperA
GetMenuStringA
ModifyMenuA
wvsprintfA
LoadMenuA
GetWindowTextLengthA
GetSubMenu
EnableMenuItem
IsRectEmpty
CheckMenuItem
ClientToScreen
TrackPopupMenu
DestroyMenu
InvalidateRect
CallWindowProcA
IsWindow
SetWindowLongA
ReleaseDC
GetClientRect
GetWindow
GetWindowDC
CreateWindowExA
LoadStringA
CharNextA
LoadCursorA
GetWindowRect
GetSystemMetrics
EqualRect
MoveWindow
SetCursor
WindowFromPoint
EmptyClipboard
GetClipboardData
MsgWaitForMultipleObjects
AttachThreadInput
GetDlgCtrlID
IsWindowVisible
ShowWindow
KillTimer
SetWindowTextA
SetTimer
GetParent
GetWindowLongA
CharLowerA
GetKeyState
SendMessageA
PostMessageA
SetFocus
OemToCharA
FindWindowExA
DrawAnimatedRects
LoadAcceleratorsA
PostQuitMessage
UnpackDDElParam
ReuseDDElParam
InSendMessage
ReplyMessage
GetDCEx
SetWindowRgn
AdjustWindowRectEx
CharToOemA
RemoveMenu
TrackPopupMenuEx
LockWindowUpdate
GetSystemMenu
GetTopWindow
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
CopyAcceleratorTableA
GetMenuDefaultItem
CreateDialogParamA
GetMenuState
SetScrollPos
ScrollWindowEx
SetWindowPlacement
GetWindowPlacement
CheckRadioButton
GetMessageTime
GetUpdateRect
IntersectRect
DrawIcon
OpenClipboard
AppendMenuA
SetClipboardData
CloseClipboard
UpdateWindow
SetPropA
GetClassLongA
GetCapture
UnregisterClassA
CopyRect
DrawFrameControl
DrawFocusRect
DrawEdge
FrameRect
SetScrollInfo
GetMessagePos
SetMenuDefaultItem
SetMenu
LoadStringW
SetParent
SetRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
TranslateAcceleratorA
SetRectEmpty
DragDetect
CopyImage
GetMenu
IsDialogMessageA
SetActiveWindow
MessageBeep
IsClipboardFormatAvailable
GetDlgItemInt
SetDlgItemInt
DestroyIcon
GetIconInfo
GetMenuItemID
GetCursorPos
keybd_event
RegisterClipboardFormatA
IsIconic
BringWindowToTop
TranslateMessage
EnumChildWindows
GetScrollInfo
InflateRect
PtInRect
ScreenToClient
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
EndPaint
BeginPaint
FillRect
DialogBoxParamA
GetSysColorBrush
GetSysColor
IsWindowEnabled
CharPrevA
SystemParametersInfoA
MessageBoxA
GetForegroundWindow
PostThreadMessageA
GetMessageA
GetWindowThreadProcessId
SetForegroundWindow
GetClassInfoExA
RegisterClassExA
DrawTextA
PeekMessageA
DispatchMessageA
GetDlgItem
EnableWindow
CheckDlgButton
LoadIconA
MapWindowPoints
DestroyWindow
SetWindowPos
SetDlgItemTextA
IsDlgButtonChecked
EndDialog
IsChild
DefWindowProcA
CheckMenuRadioItem
GetActiveWindow
gdi32
GetObjectA
SetBkMode
BitBlt
CreateCompatibleBitmap
GetStockObject
ExcludeClipRect
Polygon
CreateSolidBrush
CreatePen
CreatePalette
GetTextExtentPoint32A
RealizePalette
SelectPalette
Rectangle
CombineRgn
CreateRectRgnIndirect
GetDIBits
GetTextMetricsA
PatBlt
GetClipBox
SelectClipRgn
SetRectRgn
CreateRectRgn
CreatePatternBrush
CreateBitmap
SetViewportOrgEx
SetWorldTransform
SetGraphicsMode
SetWindowOrgEx
LPtoDP
LineTo
MoveToEx
Polyline
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetMapMode
SetStretchBltMode
GetObjectType
SetTextColor
GetCurrentObject
CreateDIBSection
SelectObject
CreateCompatibleDC
DPtoLP
CreateFontIndirectA
DeleteObject
SetBkColor
ExtTextOutA
GetPixel
DeleteDC
SetPolyFillMode
GetDeviceCaps
comdlg32
ChooseFontA
GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
advapi32
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
SetSecurityInfo
IsTextUnicode
RegCloseKey
shell32
ExtractIconExA
SHAppBarMessage
Shell_NotifyIconA
SHBrowseForFolderA
SHAddToRecentDocs
SHFileOperationA
SHFreeNameMappings
SHGetFileInfoA
SHGetMalloc
SHGetDataFromIDListA
SHGetPathFromIDListA
SHGetDesktopFolder
ShellExecuteExA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHChangeNotify
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA
ole32
OleGetClipboard
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
PropVariantClear
OleInitialize
CreateBindCtx
CoInitialize
CoUninitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CLSIDFromString
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
OleSetClipboard
DoDragDrop
StringFromGUID2
ReleaseStgMedium
CoInitializeEx
StgOpenStorage
OleFlushClipboard
GetHGlobalFromStream
OleUninitialize
oleaut32
SafeArrayCopy
SafeArrayPutElement
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
DispCallFunc
SafeArrayCreateVector
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
mpr
WNetConnectionDialog
WNetGetUniversalNameA
WNetConnectionDialog1A
wininet
InternetGetConnectedState
msimg32
AlphaBlend
GradientFill
oleacc
CreateStdAccessibleObject
LresultFromObject
msvcrt
tolower
toupper
_wcsupr
_i64toa
atol
_strdup
_atoi64
_mbsnbicmp
realloc
_chdir
_beginthreadex
strchr
_purecall
memcmp
_mbspbrk
_ismbcalnum
_except_handler3
isspace
isxdigit
abs
_mbscmp
atoi
_ismbcdigit
wcslen
memset
_ismbcspace
memmove
_mbsstr
_mbschr
memcpy
??2@YAPAXI@Z
_mbsrchr
_mbsicmp
malloc
free
??3@YAXPAX@Z
islower
_ftol
isupper
iscntrl
__isascii
ispunct
isprint
calloc
isdigit
isalpha
isalnum
strncmp
bsearch
sprintf
fmod
rand
_mbslen
iswalnum
_wcsnicmp
_strnicmp
wcscmp
_setmbcp
setlocale
wcschr
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
isgraph
wintrust
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
Sections
.text Size: 789KB - Virtual size: 788KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 689KB - Virtual size: 689KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ