Download_Ready_883496[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Download_Ready_883496.exe
Size

24.2MB
MD5

270bfe534c9fad3f24cd808ec7957dc0
SHA1

6902a04992be77eb5605cd88091d54c2e6dd0a49
SHA256

59e9861d6c7e9f67520e5c648c3bf9336951bc7b9301b1a64f30c4b60b184e8a
SHA512

594031e2ec2baa1fe1219df428fd76b4f3ab4c05faa8d93214bc95cceb2e6d30dc03266106df4d909566649b8613d7b08b2a2ba21c7bb0974a310891f2e6d917
SSDEEP

786432:xO7SVgk7HeP4fGVWyKL3gLNnjlMJAuCZDDZTK7QG:xO75liJAVDt2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Download_Ready_883496.exe

Files

Download_Ready_883496.exe
.exe windows:6 windows x86 arch:x86

660b50ae9ba11f1c120544d531937f96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
InitializeSListHead
GetFileSize
RtlUnwind
GetModuleFileNameA
TerminateProcess
GetCommandLineW
GetOEMCP
GetCurrentProcess
CreateEventW
TlsSetValue
GetCurrentThreadId
VirtualAlloc
HeapSize
VerifyVersionInfoW
CreateDirectoryW
TlsAlloc
ExitThread
FreeLibrary
LoadLibraryA
GetVersionExW
lstrlenA
SetStdHandle
QueryPerformanceCounter
FlushFileBuffers
PeekNamedPipe
ReleaseSemaphore
GetProcAddress
GetConsoleCP
WaitForMultipleObjects
LCMapStringW
MoveFileExW
GlobalMemoryStatus
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetACP
CreateFileW
GlobalAlloc
FreeEnvironmentStringsW
FindNextFileW
FormatMessageW
FindFirstFileW
CompareStringW
SetLastError
GetFileAttributesW
GetTimeZoneInformation
GetTickCount
InitializeCriticalSectionAndSpinCount
GetProcessAffinityMask
TlsGetValue
VirtualFree
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
ReadFile
ReadConsoleW
GetLastError
RaiseException
GlobalLock
CreateSemaphoreW
GetConsoleMode
WaitForSingleObjectEx
GetEnvironmentStringsW
GetModuleHandleA
GlobalFree
SetFilePointerEx
LoadLibraryW
GetCurrentProcessId
GetFileInformationByHandle
GetCommandLineA
HeapReAlloc
IsValidLocale
FindFirstFileExA
InitializeCriticalSection
GetSystemInfo
SetUnhandledExceptionFilter
SetEnvironmentVariableA
Sleep
LCMapStringEx
GetCurrentDirectoryW
GetVersion
EnumSystemLocalesW
WriteConsoleW
SetFilePointer
SetEvent
WriteFile
GetTimeFormatW
UnhandledExceptionFilter
GlobalUnlock
GetFileAttributesExW
MultiByteToWideChar
TlsFree
AcquireSRWLockExclusive
GetSystemDirectoryW
GetDriveTypeW
LocalFree
GetModuleHandleExW
QueryPerformanceFrequency
HeapFree
SetFileAttributesW
CompareFileTime
GetDateFormatW
GetStartupInfoW
WideCharToMultiByte
LoadLibraryExW
GetTickCount64
InitializeCriticalSectionEx
MoveFileW
GetFileSizeEx
SetFileTime
RemoveDirectoryW
CloseHandle
IsValidCodePage
GetFileType
DeleteCriticalSection
FileTimeToSystemTime
FindClose
SystemTimeToTzSpecificLocalTime
DeleteFileW
GetModuleFileNameW
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
GetCPInfo
IsDebuggerPresent
DecodePointer
GetLocaleInfoW
GetLogicalDriveStringsW
FileTimeToLocalFileTime
SetPriorityClass
GetStringTypeW
CreateThread
GetEnvironmentVariableA
GetStdHandle
FreeLibraryAndExitThread
FindNextFileA
ResetEvent
GetProcessHeap
EncodePointer
GetFullPathNameW
GetModuleHandleW
VerSetConditionMask
WaitForSingleObject
SleepEx

user32

CloseClipboard
KillTimer
IsDlgButtonChecked
CheckDlgButton
LoadCursorW
GetWindowLongW
GetWindowRect
GetMonitorInfoA
OpenClipboard
wsprintfA
GetFocus
MessageBoxW
DialogBoxParamW
SetFocus
GetDlgItem
GetKeyState
ShowWindow
SetWindowLongW
EnableWindow
SendMessageW
CharUpperW
MapDialogRect
SetDlgItemTextW
GetWindowTextLengthW
ScreenToClient
EmptyClipboard
LoadStringW
SystemParametersInfoW
MoveWindow
SetWindowTextW
InvalidateRect
MonitorFromWindow
SetCursor
EndDialog
GetParent
SetTimer
PostMessageW
SetClipboardData
LoadIconW
GetWindowTextW

advapi32

CryptAcquireContextW
CryptImportKey
CryptDestroyKey
CloseServiceHandle
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
CryptHashData
CryptCreateHash
CryptEncrypt

shell32

SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoUninitialize
CoInitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysStringLen
VariantClear
SysAllocStringLen

ws2_32

__WSAFDIsSet
select
accept
connect
getsockname
htonl
setsockopt
recv
socket
WSAResetEvent
WSAEventSelect
recvfrom
sendto
getpeername
ioctlsocket
gethostname
htons
WSACleanup
WSAStartup
WSASetLastError
ntohs
WSAGetLastError
closesocket
WSAWaitForMultipleEvents
WSACreateEvent
freeaddrinfo
WSAEnumNetworkEvents
WSAIoctl
WSACloseEvent
getaddrinfo
send
listen
getsockopt
bind

crypt32

CertOpenStore
CryptStringToBinaryW
CryptQueryObject
CertCloseStore
CertFreeCertificateChainEngine
CertFindExtension
CertFindCertificateInStore
CertFreeCertificateChain
CertGetCertificateChain
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObjectEx
CertGetNameStringW
CertCreateCertificateChainEngine
PFXImportCertStore

wldap32

ord79
ord142
ord167
ord127
ord27
ord26
ord117
ord41
ord208
ord73
ord216
ord14
ord46
ord219
ord147
ord145
ord301
ord133

bcrypt

BCryptGenRandom

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

660b50ae9ba11f1c120544d531937f96

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

ws2_32

crypt32

wldap32

bcrypt

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.rdata Size: 251KB - Virtual size: 250KB

.data Size: 8KB - Virtual size: 28KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 96KB - Virtual size: 95KB

.text
Size: 6.7MB - Virtual size: 6.7MB

.rdata
Size: 251KB - Virtual size: 250KB

.data
Size: 8KB - Virtual size: 28KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 96KB - Virtual size: 95KB