XDR_ResponseApp_CollectFile_RM-20240723-00008_bb98535a-9de8-4e31-a0bb-02b6303527bc_20240723T104348Z (1)[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

XDR_ResponseApp_CollectFile_RM-20240723-00008_bb98535a-9de8-4e31-a0bb-02b6303527bc_20240723T104348Z (1).7z
Size

223KB
MD5

b05d00f89d8054c2146ee00f9912d6c9
SHA1

23c4f227c1140ed2d91f96ab54bc51001e95c4a2
SHA256

012336db8cee39bc3c28d4aa0a502a1a197d175cd9ea2647aaf71fd1dcc815e7
SHA512

5a5770974a3db755ff23704aa64c55e525307c54f7962188bd6c806e4800ec8051428c971a00c7c22b67eef0878c8271d5618dd17418d07e7c6413e692d76f10
SSDEEP

3072:+vHjEekjZ8JcLXOi/K/w52JMFbKhqaq9JB1a7YER9q6JYNAID0Oy5MXmxc0DJXu+:SQjAyXWwueYCJBAz9JuWnxc0F6pm1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Daniel GC-C6.pdf.exe

Files

XDR_ResponseApp_CollectFile_RM-20240723-00008_bb98535a-9de8-4e31-a0bb-02b6303527bc_20240723T104348Z (1).7z
.zip

Password: nrxb4v8z
Daniel GC-C6.pdf.exe
.exe windows:4 windows x86 arch:x86

Password: nrxb4v8z

d20a9e341245699775e8760818473a10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GlobalAlloc
GetProcAddress
LoadLibraryA
SetErrorMode
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
IsDBCSLeadByte
GetACP
GetCPInfo
Sleep
WaitForMultipleObjects
CreateThread
ExitThread
WinExec
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
CloseHandle
GlobalUnlock
GlobalLock
GetModuleFileNameA
GetCommandLineA
GetModuleHandleA
ExitProcess
lstrlenA
GetStartupInfoA
CreateProcessA
EnterCriticalSection
GlobalFree
LeaveCriticalSection
DeleteCriticalSection
QueryPerformanceCounter

user32

SetTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
MessageBoxA
DeleteMenu
ClientToScreen
TrackPopupMenu
GetCapture
GetCursorPos
WindowFromPoint
ScreenToClient
MapVirtualKeyA
CheckMenuItem
InvalidateRect
PostMessageA
GetDlgItemTextA
EnableWindow
SetDlgItemTextA
SetFocus
GetClientRect
GetMenu
SetMenu
GetDesktopWindow
MoveWindow
DialogBoxParamA
FillRect
KillTimer
EnableMenuItem
PostQuitMessage
LoadMenuA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateMessage
DispatchMessageA
TranslateAcceleratorA
GetWindow
GetWindowRect
SetWindowPos
GetWindowLongA
DefWindowProcA
IsWindow
DestroyWindow
CreateWindowExA
SetWindowLongA
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetKeyState
EmptyClipboard
SetClipboardData
EndDialog
GetSubMenu
LoadStringA
OpenClipboard
GetClipboardData
CloseClipboard
GetDC
ReleaseDC
GetWindowTextLengthA
GetDlgItem
DestroyMenu

gdi32

SetPolyFillMode
StrokePath
ExtCreatePen
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
GdiFlush
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
EndPath
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
ExtTextOutA
SetBkColor
GetBkColor
SetTextAlign
SetBkMode
SetTextColor
SelectClipRgn
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetTextAlign
GetBkMode
GetTextColor
IntersectClipRect
GetClipRgn
CreateRectRgn
CreateFontIndirectA
DPtoLP
GetObjectA
RealizePalette
StartDocA
LPtoDP
StartPage
EndPage
EndDoc
BeginPath
CreatePalette
SelectPalette
GetSystemPaletteEntries
FillPath
SelectClipPath
PolyBezierTo
GetClipBox
SaveDC
RestoreDC
CreateSolidBrush

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

advapi32

RegSetValueA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

timeKillEvent
timeSetEvent
waveOutReset
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutGetDevCapsA
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutOpen

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: nrxb4v8z

Password: nrxb4v8z

d20a9e341245699775e8760818473a10

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

Sections

.text Size: 276KB - Virtual size: 274KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 12KB - Virtual size: 17KB

.data1 Size: 4KB - Virtual size: 176B

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 12KB - Virtual size: 17KB

.data1
Size: 4KB - Virtual size: 176B

.rsrc
Size: 40KB - Virtual size: 37KB