Infocat Infoventures[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Infocat Infoventures.zip
Size

9.2MB
MD5

fc6834720226fde36cdde1bbcf12bbfb
SHA1

eef93abe62d8e683c068630e476b78a8b2942546
SHA256

843ceb7fffa93ae2680ac4792d2a7749a04eb4220756efb1a92039a65ca15166
SHA512

eb4a43ad60cf78f3d48e2ca933569f2315952614e07990e47bdc845b2ef8d493d0084ceb0da388a4e02346ee8b25410b996ff3e42a722162de8e1af7e62e9566
SSDEEP

196608:mKJk41LcUBo1AzGTlB1zZ+gPSUv5Uz1OEC3D/est:DRvK17X1zRagUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/infoventures.exe

Files

Infocat Infoventures.zip
.zip
data.win
infoventures.exe
.exe windows:6 windows x64 arch:x64

bebd143050ccf80dc3870f2e269ae454

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\GameMaker\GameMaker\GameMaker\Runner\VC_Runner\x64\Release-Zeus\Runner.pdb

Imports

rpcrt4

UuidToStringW
UuidCreate

wininet

HttpEndRequestW
InternetWriteFile
InternetCloseHandle
HttpSendRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenA
InternetConnectA
InternetReadFile
InternetGetConnectedState

d3d11

D3D11CreateDevice

dbghelp

MiniDumpWriteDump
SymInitialize
SymFromAddr

winmm

joyGetPos
mciSendStringA
timeGetTime
timeGetDevCaps
timeEndPeriod
timeBeginPeriod
joyGetPosEx

ws2_32

WSAStartup
WSAAddressToStringA
inet_pton
socket
connect
gethostname
recvfrom
recv
getsockopt
freeaddrinfo
sendto
ioctlsocket
setsockopt
WSAGetLastError
getpeername
inet_ntop
getnameinfo
__WSAFDIsSet
select
ntohl
ntohs
htonl
htons
getaddrinfo
listen
closesocket
bind
accept
WSACleanup
getsockname
send

gdiplus

GdiplusStartup
GdiplusShutdown

comctl32

InitCommonControlsEx

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

mfplat

MFStartup
MFCreateSourceResolver
MFCreateMediaType
MFShutdown

mf

MFCreateAudioRendererActivate
MFCreateTopologyNode
MFCreateMediaSession
MFCreateSampleGrabberSinkActivate
MFGetService
MFCreateTopology

iphlpapi

GetAdaptersAddresses
NotifyIpInterfaceChange
CancelMibChangeNotify2

kernel32

SetConsoleCtrlHandler
GetCurrentThread
WriteFile
GetStdHandle
FreeLibraryAndExitThread
ExitThread
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
MoveFileExW
SetFileAttributesW
GetFileAttributesExW
GetModuleHandleExW
HeapWalk
HeapValidate
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlPcToFileHeader
RtlUnwindEx
GetTempPathW
GetProcessHeap
HeapFree
HeapAlloc
InitializeSListHead
RaiseException
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetConsoleMode
GetFileSizeEx
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
SetFilePointerEx
ReadConsoleW
SetStdHandle
GetTimeZoneInformation
HeapReAlloc
IsValidLocale
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
VirtualQuery
Sleep
LoadLibraryW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LoadLibraryA
OutputDebugStringA
SetWaitableTimer
CreateWaitableTimerW
CloseHandle
GetConsoleWindow
SetLastError
GetFullPathNameW
GetExitCodeThread
FormatMessageW
DeleteFileW
CreateThread
GetCurrentDirectoryW
SetCurrentDirectoryW
LocalFree
GetModuleHandleW
ReadFile
SetFilePointer
CreateFileW
GetFileAttributesW
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableW
FreeLibrary
FormatMessageA
CreateDirectoryW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
GetModuleFileNameW
GetUserDefaultLCID
WaitForSingleObject
ResumeThread
GetTempPathA
CreateProcessW
CreateDirectoryA
OpenThread
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
K32GetProcessMemoryInfo
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
GetVersionExW
GetSystemInfo
GlobalMemoryStatusEx
VerSetConditionMask
VerifyVersionInfoW
GlobalFree
GetCurrentProcessId
DebugBreak
GetEnvironmentVariableA
ExitProcess
lstrlenA
GetVersion
SetEnvironmentVariableA
CreateFileMappingW
MapViewOfFile
MoveFileA
GetCommandLineW
ExpandEnvironmentStringsW
GetFinalPathNameByHandleW
SetErrorMode
GetCurrentThreadId
SetUnhandledExceptionFilter
WaitForSingleObjectEx
CreateEventExA
OutputDebugStringW
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
GetStringTypeW
GetLocaleInfoEx
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
CreateSymbolicLinkW
GetFileInformationByHandleEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
InitOnceExecuteOnce
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetFileInformationByHandle
GetNativeSystemInfo
SwitchToThread
SleepConditionVariableSRW
SleepConditionVariableCS
SetEndOfFile
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
TlsFree
TlsGetValue
TlsAlloc
SetThreadPriority
TlsSetValue
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
RtlCaptureStackBackTrace
LCMapStringW
EnumSystemLocalesW
FlushFileBuffers
FindClose
GetConsoleOutputCP
HeapSize
GetFileSize
WriteConsoleW

user32

MsgWaitForMultipleObjectsEx
EnumDisplaySettingsA
TranslateMessage
SetProcessDPIAware
SetDlgItemTextA
MessageBoxA
PeekMessageW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
keybd_event
IsDialogMessageW
DispatchMessageW
GetFocus
GetRawInputDeviceList
GetCursorPos
SetCursorPos
UpdateWindow
EnumDisplaySettingsW
GetMonitorInfoW
ShowWindow
GetSystemMetrics
SendMessageW
GetAsyncKeyState
IsWindowVisible
GetWindowLongPtrW
GetLayeredWindowAttributes
IntersectRect
SetWindowLongPtrW
MonitorFromWindow
wsprintfW
GetActiveWindow
ClientToScreen
MoveWindow
CreateDialogParamW
GetDC
EndDialog
SetWindowTextW
SetDlgItemTextW
GetDlgItemTextW
GetDlgItem
DrawTextW
DialogBoxParamW
ReleaseDC
GetWindowLongW
DefWindowProcW
GetKeyState
PostMessageW
CreateWindowExW
ScreenToClient
CallNextHookEx
RegisterClassExW
FindWindowExA
MapWindowPoints
UnhookWindowsHookEx
EnumWindows
SetFocus
BringWindowToTop
EnumDisplayDevicesW
LoadCursorW
SendMessageA
SetParent
SetCapture
SetWindowsHookExW
SetCursor
GetClientRect
PostThreadMessageW
FindWindowA
ReleaseCapture
SetForegroundWindow
LoadImageW
MessageBoxW
GetRawInputDeviceInfoA
DestroyWindow
AdjustWindowRectEx
GetWindowRect
SetWindowPos

gdi32

SelectObject
DeleteObject
CombineRgn
GetRgnBox
CreateRectRgnIndirect
GetDeviceCaps
GetStockObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
RegQueryValueExW
CryptAcquireContextA

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance
CoCreateFreeThreadedMarshaler
PropVariantClear

dwmapi

DwmGetWindowAttribute
DwmGetCompositionTimingInfo

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCandidateWindow

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 432KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 411KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mydata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
options.ini

Sharing

General

Malware Config

Signatures

Files

bebd143050ccf80dc3870f2e269ae454

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

rpcrt4

wininet

d3d11

dbghelp

winmm

ws2_32

gdiplus

comctl32

version

mfplat

mf

iphlpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

dwmapi

imm32

Sections

.text Size: 8.8MB - Virtual size: 8.8MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 432KB - Virtual size: 2.8MB

.pdata Size: 411KB - Virtual size: 411KB

minATL Size: 512B - Virtual size: 24B

_RDATA Size: 512B - Virtual size: 244B

.mydata Size: 512B - Virtual size: 24B

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 8.8MB - Virtual size: 8.8MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 432KB - Virtual size: 2.8MB

.pdata
Size: 411KB - Virtual size: 411KB

minATL
Size: 512B - Virtual size: 24B

_RDATA
Size: 512B - Virtual size: 244B

.mydata
Size: 512B - Virtual size: 24B

.rsrc
Size: 45KB - Virtual size: 45KB