The-Strongest-Battlegrounds-Script-252735[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

The-Strongest-Battlegrounds-Script-252735.zip
Size

18.0MB
MD5

555f01739af5d1e38daafe6b70347251
SHA1

60d1e9450509a73e6192e0958d517ea9f792e01a
SHA256

c348e39878fe37df4d0dfc8b2a97387c786e271f60d52ed48c49ece1bab2b4cd
SHA512

b7bdcd9e32cd895c7adb374ba5d81b2189fd1ff3439a53efb12e4497250358898f33c1b54332a414d223c4da4763ff025b6ead584a4cbb744402517a002ebca1
SSDEEP

393216:xnfUt2AmVIcf5na4IyYhFZDPBLVVlUWghXkkEmV:xn8ABVPBa4HYhFZDTFgR3EmV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Install_02026.exe

Files

The-Strongest-Battlegrounds-Script-252735.zip
.zip
Install_02026.exe
.exe windows:6 windows x86 arch:x86

5988e6058399342b7bab73e1fe4adf61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
RaiseException
GetCPInfo
SetUnhandledExceptionFilter
GetTempPathW
ExitProcess
GetTempPathA
FreeLibrary
Sleep
SetFilePointerEx
GetStringTypeW
ReadFile
HeapAlloc
HeapReAlloc
CreateThread
CreateEventA
SetLastError
RtlUnwind
GetModuleFileNameA
ReleaseSRWLockExclusive
GetCommandLineW
CreateDirectoryW
InitializeCriticalSectionEx
CreateFileA
GetFileSize
VirtualAlloc
GetProcAddress
TlsGetValue
GetStartupInfoW
VirtualFree
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
GetCurrentDirectoryW
FindNextFileW
AcquireSRWLockExclusive
LeaveCriticalSection
GetFileType
WaitForSingleObject
TlsSetValue
FindFirstFileExA
GetConsoleCP
InitializeSListHead
FindNextFileA
FormatMessageA
GetStdHandle
SetCurrentDirectoryA
GetVersionExA
MoveFileExW
DeleteFileW
FindFirstFileW
AreFileApisANSI
GetCurrentProcessId
CreateDirectoryA
FindFirstFileA
InitializeCriticalSection
IsProcessorFeaturePresent
GetConsoleMode
SetFilePointer
RemoveDirectoryA
FreeLibraryAndExitThread
GetLastError
CreateProcessA
MultiByteToWideChar
GetModuleHandleW
GetFileAttributesW
RemoveDirectoryW
TlsFree
HeapSize
GetOEMCP
HeapFree
IsValidCodePage
ReleaseSemaphore
GetCommandLineA
GetFileInformationByHandle
GetCurrentProcess
LocalFree
TerminateProcess
WriteConsoleW
CreateFileW
WideCharToMultiByte
GetModuleHandleExW
FormatMessageW
EnterCriticalSection
SetStdHandle
CloseHandle
GlobalMemoryStatus
GetCurrentThreadId
FindClose
GetTickCount64
DeleteFileA
GetTickCount
SetFileAttributesA
SetEvent
UnhandledExceptionFilter
SetFileAttributesW
SetCurrentDirectoryW
TlsAlloc
GetEnvironmentStringsW
LCMapStringW
GetModuleHandleA
EncodePointer
LoadLibraryExW
IsBadReadPtr
ExitThread
GetProcessAffinityMask
LoadLibraryA
QueryPerformanceCounter
GetModuleFileNameW
SetFileTime
GetSystemInfo
GetProcessHeap
GetTempFileNameW
TryAcquireSRWLockExclusive
IsDebuggerPresent
ResetEvent
GetSystemDirectoryW
WriteFile
GetVersion
QueryPerformanceFrequency
GetCurrentDirectoryA
GetACP
WakeAllConditionVariable
FlushFileBuffers
GetSystemTimeAsFileTime
DeleteCriticalSection
LoadLibraryW
FreeEnvironmentStringsW
DecodePointer
SetEndOfFile

user32

ShowWindow
LoadStringA
SetWindowTextA
LoadStringW
PostMessageA
SetWindowTextW
DialogBoxParamW
LoadIconA
CharUpperW
EndDialog
KillTimer
CharUpperA
MessageBoxA
SendMessageA
SetTimer
GetDlgItem
SetWindowLongA
GetWindowLongA
DialogBoxParamA
MessageBoxW
DestroyWindow

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

advapi32

CloseServiceHandle

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 570KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5988e6058399342b7bab73e1fe4adf61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

oleaut32

advapi32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 570KB - Virtual size: 586KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 570KB - Virtual size: 586KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 22KB - Virtual size: 22KB