1483949479035fttkzqmlmub78pakz4hdxi529[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

1483949479035fttkzqmlmub78pakz4hdxi529.zip
Size

207KB
MD5

c37fcf6db67b23c3e4d7927260053f1d
SHA1

a60044f42e7da7d085f9feb27ff47d6b96eba374
SHA256

e70952a8d5841454ec2d1e0325ec8d9d2ddbb024e3d15bae75fb2e34fc7642bf
SHA512

86211a6d9f05c76a6eeaf894ab803b8c080a1ab1ab513078a72e05dcb28d97b457b115ef1795e0197bd428c894f8d98050be337c857cd6e9d5e9a7c4366fc96f
SSDEEP

3072:rEPj67ULKYFgMftPoO1nT5Hi99jfjIg4YmBMCPJRrFjxE7lD9WclHPv1Rfa/B2Om:rEPBL7eO1ng99bjIg47M4Vi7lB7f6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/G-PRIV/G-PRIV-update.exe

Files

1483949479035fttkzqmlmub78pakz4hdxi529.zip
.zip
G-PRIV/G-PRIV-update.exe
.exe windows:4 windows x86 arch:x86

13a89c1b25610a9778f0a405ae8ed183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
GetFileTime
GetFileSize
GetFileAttributesA
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GetACP
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
HeapSize
HeapReAlloc
RaiseException
DuplicateHandle
FormatMessageA
LocalFree
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MulDiv
LoadLibraryA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
lstrlenA
SetLastError
FreeLibrary
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WriteFile
GetLastError
ReadFile
CreateFileA
SetUnhandledExceptionFilter
CloseHandle

user32

RegisterClipboardFormatA
PostThreadMessageA
CopyAcceleratorTableA
CharNextA
LoadStringA
GetSysColorBrush
PtInRect
GetClassNameA
GetDesktopWindow
LoadCursorA
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetNextDlgGroupItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
GetDC
ReleaseDC
DestroyMenu
AdjustWindowRectEx
MessageBeep
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
LoadBitmapA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
GetMenuItemID
SetRect
LoadIconA
UnregisterClassA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromProgID
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromString
CoRegisterMessageFilter
CoRevokeClassObject
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysFreeString
SysAllocStringLen

wsock32

WSAStartup
WSACleanup

hid

HidD_GetPreparsedData
HidP_GetCaps
HidD_GetHidGuid
HidD_GetAttributes

setupapi

SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
G-PRIV/GPRIV_V1.8.bin

Sharing

General

Malware Config

Signatures

Files

13a89c1b25610a9778f0a405ae8ed183

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

hid

setupapi

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 20KB - Virtual size: 30KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 20KB - Virtual size: 30KB

.rsrc
Size: 16KB - Virtual size: 13KB