CISDEM-AppCrypt-7[.]8[.]0-file_706671[.]exe

Resubmissions

12-08-2024 06:07

240812-gvjg1syckp 7

12-08-2024 06:06

240812-gt9ykssgqa 3

Sharing

Copy URL

Twitter E-mail

General

Target

CISDEM-AppCrypt-7.8.0-file_706671.exe
Size

18.6MB
MD5

4467113b9e3e360f00a5568fb9c0a510
SHA1

5ba697a74fd25d69181a228c0b5b28debe1ea8c9
SHA256

26b2f24a39630635a9fe07a9e89406986dcec55bef0ec7e735a8f0449784be48
SHA512

d4b773bfe1e13d94616e2002e3339331324a8df889bb5dc22b84264bce2371063055df2deda53545bc658b50c40e9284065ea902587c90b51e02ad6eec653d53
SSDEEP

393216:AcW23WGWcqJuuCJuuBy3QYDez3QzCQSPIaXSz69II65rUV+:AuqJuuCJuuI3ivhdS+9Ix5rUV+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CISDEM-AppCrypt-7.8.0-file_706671.exe

Files

CISDEM-AppCrypt-7.8.0-file_706671.exe
.exe windows:6 windows x86 arch:x86

dd99b1d4724b2a330fd30cc96c3445eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

SetCurrentDirectoryA
CreateFileW
GetModuleHandleA
SetStdHandle
GetLocaleInfoW
SetFileTime
GetSystemDirectoryW
WaitForSingleObject
GetFileAttributesW
HeapSize
GetFileInformationByHandle
LoadLibraryW
GetFullPathNameW
CreateDirectoryA
IsValidLocale
TryAcquireSRWLockExclusive
FreeLibraryAndExitThread
InitializeCriticalSection
SetEnvironmentVariableA
GetCurrentProcessId
FileTimeToSystemTime
TlsFree
ReadFile
lstrlenA
WideCharToMultiByte
SetFilePointer
GetSystemTimeAsFileTime
CreateThread
GetStdHandle
LoadLibraryExW
GetLocaleInfoEx
LocalFree
VirtualAlloc
GetVersionExA
TlsSetValue
GetUserDefaultLCID
GetTempPathW
UnhandledExceptionFilter
FreeLibrary
DeleteFileW
ResetEvent
DeleteFileA
FindFirstFileA
SystemTimeToTzSpecificLocalTime
FindFirstFileW
GetLastError
GetSystemInfo
ExitThread
QueryPerformanceCounter
GetTimeZoneInformation
FlushFileBuffers
SetFilePointerEx
TlsAlloc
SetCurrentDirectoryW
GetFileType
InitializeSListHead
EnterCriticalSection
SleepEx
GetFinalPathNameByHandleW
EnumSystemLocalesW
GetProcessAffinityMask
GetFileSize
GetModuleHandleW
LeaveCriticalSection
CompareStringW
MoveFileExW
GetTempPathA
HeapReAlloc
LoadLibraryA
WriteConsoleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableA
GetFileSizeEx
SetFileAttributesW
FreeEnvironmentStringsW
AreFileApisANSI
GetCurrentDirectoryW
ReadConsoleW
VirtualFree
GetModuleFileNameW
RaiseException
RemoveDirectoryW
ExitProcess
CreateDirectoryW
EncodePointer
RemoveDirectoryA
GetModuleHandleExW
Sleep
GetCurrentProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetDriveTypeW
ReleaseSemaphore
SetEvent
WaitForSingleObjectEx
GetEnvironmentStringsW
RtlUnwind
HeapAlloc
CreateEventA
LCMapStringW
TerminateProcess
DeleteCriticalSection
GetStartupInfoW
VerSetConditionMask
IsDebuggerPresent
GetACP
GetFileAttributesExW
MultiByteToWideChar
GetCurrentDirectoryA
InitializeCriticalSectionEx
FindClose
TlsGetValue
WriteFile
WaitForMultipleObjects
CreateSemaphoreA
QueryPerformanceFrequency
FormatMessageA
GetConsoleCP
LCMapStringEx
PeekNamedPipe
GetStringTypeW
GetTickCount
GetDateFormatW
GetFileAttributesA
FormatMessageW
WakeAllConditionVariable
lstrcatA
GetCommandLineA
GetCurrentThreadId
GetConsoleMode
VerifyVersionInfoW
GetOEMCP
GlobalMemoryStatus
HeapFree
FindNextFileA
GetCPInfo
IsProcessorFeaturePresent
GetTickCount64
CloseHandle
GetModuleFileNameA
GetCommandLineW
SetEndOfFile
DecodePointer
IsValidCodePage
GetVersion
FindNextFileW
CreateFileA
GetProcessHeap
SetLastError
SetFileAttributesA
FindFirstFileExA
GetTimeFormatW
SetUnhandledExceptionFilter

user32

CharUpperA
ShowWindow
DialogBoxParamA
MessageBoxW
KillTimer
CharUpperW
SendMessageA
GetWindowLongA
wsprintfA
PostMessageA
SetTimer
EndDialog
MessageBoxA
LoadStringW
LoadIconA
SetWindowLongA
LoadStringA
GetDlgItem
DialogBoxParamW
DestroyWindow
SetWindowTextA
SetWindowTextW

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

advapi32

CryptHashData
CryptCreateHash
CryptEncrypt
CryptImportKey
CryptDestroyHash
CryptDestroyKey
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext

crypt32

CryptDecodeObjectEx
CertOpenStore
CryptStringToBinaryW
CertEnumCertificatesInStore
CertFindExtension
PFXImportCertStore
CertGetNameStringW
CertCloseStore
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptQueryObject
CertFreeCertificateChain
CertCreateCertificateChainEngine
CertGetCertificateChain
CertFindCertificateInStore

wldap32

ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133

ws2_32

gethostname
htons
getsockopt
send
WSAIoctl
WSACloseEvent
WSACreateEvent
WSAResetEvent
freeaddrinfo
WSAEventSelect
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
getaddrinfo
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
recvfrom
sendto
getpeername

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dd99b1d4724b2a330fd30cc96c3445eb

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

bcrypt

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.rdata Size: 200KB - Virtual size: 200KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 71KB - Virtual size: 71KB

.text
Size: 6.0MB - Virtual size: 6.0MB

.rdata
Size: 200KB - Virtual size: 200KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 71KB - Virtual size: 71KB