smx-r22-phoenix-makro-program[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

smx-r22-phoenix-makro-program.zip
Size

3.7MB
MD5

f01f691622309097f2d387296c7903e4
SHA1

5ea8a73d3d147bb6e28a3b638f7e5d7ae261b56d
SHA256

5dd3d8cbc1bed6ba89711cfbef8b9a6f34424c30f972b15e6d6f97407aabe5ef
SHA512

fb589abae1ba66c799b59497f384beffb31c3fc1e4656041cb3fe83e06f5825e1ba63f4870d38744ec8029640ee8a22d118eaace8506bf10de4ba710a09dd3ac
SSDEEP

98304:pcpmo028yUSD8HwDTkYAgG/RIrky4+Lg/iXMKHh:pamoTJD2QoRJyh8/iXMKHh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SMX-R22.exe

Files

smx-r22-phoenix-makro-program.zip
.zip
SMX-R22.exe
.exe windows:5 windows x86 arch:x86

d4fe8eec31ba44b37546499596e74621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\CodeBases\isdev\redist\Language Independent\i386\setup.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ord17

kernel32

LoadLibraryW
GetModuleHandleW
lstrcmpW
lstrcmpiW
GetSystemDefaultLangID
GetUserDefaultLangID
VerLanguageNameW
CompareFileTime
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
SetFileAttributesW
GetSystemTimeAsFileTime
GetPrivateProfileStringW
MoveFileW
LocalFree
FormatMessageW
GetSystemInfo
MulDiv
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryExW
GetVersion
GetLocalTime
IsValidLocale
GetCommandLineW
GetFileAttributesW
FlushFileBuffers
SetEndOfFile
VirtualQuery
lstrcpyA
IsBadReadPtr
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeProcess
GetCurrentThread
GetLocaleInfoW
InterlockedExchange
LoadLibraryExA
GetProcAddress
FreeLibrary
CompareStringA
CompareStringW
lstrcatW
GetVersionExW
InterlockedDecrement
InterlockedIncrement
CreateEventW
QueryPerformanceFrequency
ReadConsoleW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetTempFileNameW
SetConsoleCtrlHandler
OutputDebugStringW
EnumSystemLocalesW
GetUserDefaultLCID
FatalAppExitA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
HeapReAlloc
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThreadId
HeapSize
AreFileApisANSI
GetModuleHandleExW
GetStdHandle
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
lstrcpynA
LocalAlloc
QueryPerformanceCounter
SearchPathW
lstrcmpA
SystemTimeToFileTime
ResetEvent
SetEvent
VirtualProtect
GetCurrentProcessId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetDateFormatW
GetTimeFormatW
GetCurrentDirectoryW
FindResourceExW
GetLastError
CopyFileW
GetTickCount
GetExitCodeThread
CreateThread
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
lstrcpyW
GetWindowsDirectoryW
SetErrorMode
GetTempPathW
ExpandEnvironmentStringsW
MoveFileExW
WriteProcessMemory
VirtualProtectEx
GetSystemDirectoryW
FlushInstructionCache
SetThreadContext
GetThreadContext
CreateProcessW
ResumeThread
TerminateProcess
ExitProcess
GetCurrentProcess
Sleep
WaitForSingleObject
DuplicateHandle
RemoveDirectoryW
DeleteFileW
SetCurrentDirectoryW
lstrlenW
lstrcpynW
GetModuleFileNameW
GetProcessHeap
HeapFree
HeapAlloc
WriteFile
SetFilePointer
ReadFile
WideCharToMultiByte
GetEnvironmentVariableW
SetFileTime
GetFileTime
OpenProcess
GetProcessTimes
LCMapStringW
DecodePointer
EncodePointer
MultiByteToWideChar
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
SetLastError
GetConsoleCP

user32

DefWindowProcW
PostMessageW
DispatchMessageW
PostQuitMessage
RegisterClassW
TranslateMessage
GetMessageW
CharUpperW
KillTimer
SetTimer
GetDC
CharPrevW
SendDlgItemMessageW
wvsprintfW
LoadImageW
CreateDialogParamW
MoveWindow
SetCursor
GetWindow
GetDlgItemTextW
SetFocus
EnableWindow
SetForegroundWindow
SetActiveWindow
SetDlgItemTextW
IsDialogMessageW
FindWindowW
SubtractRect
IntersectRect
SetRect
FillRect
GetSysColorBrush
GetSysColor
GetWindowRect
ExitWindowsEx
GetSystemMetrics
GetDlgCtrlID
CreateDialogIndirectParamW
DestroyWindow
IsWindow
SendMessageW
MessageBoxW
CharNextW
WaitForInputIdle
SetWindowLongW
GetWindowLongW
GetClientRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
SetWindowPos
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
ShowWindow
GetDesktopWindow
MsgWaitForMultipleObjects
PeekMessageW
wsprintfW
LoadIconW
LoadCursorW
CreateWindowExW

gdi32

GetObjectW
SetTextColor
SetBkMode
GetDeviceCaps
CreateFontW
CreateFontIndirectW
SetStretchBltMode
StretchBlt
SelectObject
DeleteDC
CreateDIBitmap
CreateCompatibleDC
BitBlt
DeleteObject
GetStockObject
CreatePalette
GetSystemPaletteEntries
RealizePalette
SelectPalette
GetDIBColorTable
CreateHalftonePalette
UnrealizeObject
TranslateCharsetInfo
CreateSolidBrush

advapi32

RegCloseKey
CryptSignHashW
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptVerifySignatureW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegEnumValueW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteExW
SHGetMalloc

ole32

CoCreateInstance
StringFromGUID2
CoCreateGuid
CreateItemMoniker
GetRunningObjectTable
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
ProgIDFromCLSID
CoUninitialize
CoInitializeSecurity
CoInitialize

oleaut32

LoadTypeLi
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
VarBstrFromDate
VariantClear
VariantChangeType
GetErrorInfo
VarUI4FromStr
SystemTimeToVariantTime
RegisterTypeLi
SetErrorInfo
CreateErrorInfo

crypt32

CryptAcquireCertificatePrivateKey
CryptImportPublicKeyInfo
PFXImportCertStore
CertSaveStore
CertOpenStore
CertFindCertificateInStore
CertCompareCertificate
CertOpenSystemStoreW
CertGetIssuerCertificateFromStore
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertEnumCertificatesInStore

rpcrt4

UuidCreate
UuidToStringW
UuidFromStringW
RpcStringFreeW

Sections

.text
Size: 717KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4fe8eec31ba44b37546499596e74621

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

crypt32

rpcrt4

Sections

.text Size: 717KB - Virtual size: 717KB

.rdata Size: 217KB - Virtual size: 216KB

.data Size: 9KB - Virtual size: 35KB

.rsrc Size: 441KB - Virtual size: 440KB

.text
Size: 717KB - Virtual size: 717KB

.rdata
Size: 217KB - Virtual size: 216KB

.data
Size: 9KB - Virtual size: 35KB

.rsrc
Size: 441KB - Virtual size: 440KB