seratodjprofilelatest-602796[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

seratodjprofilelatest-602796.zip
Size

20.2MB
MD5

755c3747f95ee12bebf61e07e097c701
SHA1

40a6392c6f877a4bc9f1b2d075e8b84a11389c29
SHA256

ee8f1ce572b86cca5958af43bcf8ad1c4d375ecb54daa714b0bb67e4b27edfbf
SHA512

cd8220f47c2de6b0cdfd375e9bd092f2a1a64ef9750e754ceb61e3bfbfe4fa0d66b395d1efa202a66bd334fd06bb46e8b2084243febec6d262ddb6bcdf3bd819
SSDEEP

393216:MbtbitdF7MWhgHLU/AcwHQWJCLwHMqU3hS9kRQFElWYP6TLaO:MbA7UNDRCMHMh3hS9kRQFEllc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup_10024.exe

Files

seratodjprofilelatest-602796.zip
.zip
Setup_10024.exe
.exe windows:6 windows x86 arch:x86

d514a0a043584816db80d35d2586aa85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

GetFileAttributesA
DeleteCriticalSection
GetFileAttributesExW
SetFileAttributesW
GetDateFormatW
FindFirstFileExA
WaitForMultipleObjects
HeapSize
CreateSemaphoreA
LocalFree
GetSystemTimeAsFileTime
GetModuleFileNameW
SetEnvironmentVariableA
IsValidCodePage
TerminateProcess
CreateFileA
GetModuleHandleExW
GetVersion
TryAcquireSRWLockExclusive
FreeEnvironmentStringsW
GetProcessHeap
HeapAlloc
GetDriveTypeW
CreateDirectoryW
InitializeCriticalSection
GetFileAttributesW
RtlUnwind
SetFilePointerEx
VirtualAlloc
SetCurrentDirectoryW
SetFileAttributesA
AcquireSRWLockExclusive
GetCPInfo
ReadFile
GetTempPathW
SetUnhandledExceptionFilter
FindNextFileW
GetCurrentProcess
CreateThread
CreateDirectoryA
FormatMessageA
WakeAllConditionVariable
GetLocaleInfoW
ResetEvent
IsValidLocale
UnhandledExceptionFilter
WriteConsoleW
EncodePointer
GetFileInformationByHandle
DeleteFileA
TlsSetValue
GetFileType
GetStringTypeW
LoadLibraryExW
FormatMessageW
SetFileTime
GetTickCount64
GetACP
GetTickCount
SetStdHandle
GlobalMemoryStatus
LeaveCriticalSection
InitializeSListHead
HeapFree
SetFilePointer
EnterCriticalSection
MultiByteToWideChar
GetTimeZoneInformation
SetEvent
ExitThread
TlsFree
LCMapStringEx
GetVersionExA
WriteFile
GetConsoleCP
FindFirstFileW
GetUserDefaultLCID
GetFileSizeEx
FlushFileBuffers
FindClose
GetFullPathNameW
SleepEx
Sleep
TlsAlloc
GetCurrentProcessId
TlsGetValue
GetSystemDirectoryW
CreateEventA
ExitProcess
ReleaseSemaphore
LoadLibraryW
VerifyVersionInfoW
WideCharToMultiByte
WaitForSingleObjectEx
DeleteFileW
RemoveDirectoryW
RemoveDirectoryA
LCMapStringW
GetTimeFormatW
DecodePointer
GetLastError
GetModuleHandleW
GetModuleHandleA
GetFileSize
GetCurrentDirectoryW
FindFirstFileA
GetTempPathA
SetLastError
GetOEMCP
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
IsDebuggerPresent
GetConsoleMode
HeapReAlloc
GetModuleFileNameA
lstrcatA
GetEnvironmentVariableA
GetFinalPathNameByHandleW
FreeLibraryAndExitThread
CreateFileW
AreFileApisANSI
GetStdHandle
PeekNamedPipe
RaiseException
GetEnvironmentStringsW
GetStartupInfoW
ReadConsoleW
GetLocaleInfoEx
QueryPerformanceCounter
WaitForSingleObject
MoveFileExW
LoadLibraryA
CloseHandle
EnumSystemLocalesW
QueryPerformanceFrequency
FindNextFileA
CompareStringW
SystemTimeToTzSpecificLocalTime
GetProcAddress
GetCommandLineW
FreeLibrary
IsProcessorFeaturePresent
VerSetConditionMask
GetCurrentThreadId
ReleaseSRWLockExclusive
GetCommandLineA
lstrlenA
VirtualFree
SetEndOfFile
GetSystemInfo
GetProcessAffinityMask
FileTimeToSystemTime
GetCurrentDirectoryA
SetCurrentDirectoryA

user32

DialogBoxParamA
KillTimer
GetDlgItem
DialogBoxParamW
EndDialog
DestroyWindow
CharUpperW
LoadStringA
SetWindowTextW
SendMessageA
GetWindowLongA
ShowWindow
SetWindowTextA
SetTimer
wsprintfA
MessageBoxA
SetWindowLongA
PostMessageA
CharUpperA
LoadIconA
LoadStringW
MessageBoxW

shell32

ShellExecuteExA

oleaut32

VariantClear
SysAllocStringLen
SysStringLen

bcrypt

BCryptGenRandom

advapi32

CryptDestroyKey
CryptImportKey
CryptAcquireContextW
CryptEncrypt
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptGetHashParam

crypt32

CertFreeCertificateContext
CertCreateCertificateChainEngine
CertCloseStore
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CertFreeCertificateChain
PFXImportCertStore
CertOpenStore
CryptDecodeObjectEx
CertFindCertificateInStore
CertFreeCertificateChainEngine
CertGetCertificateChain
CertGetNameStringW
CryptQueryObject
CertFindExtension
CryptStringToBinaryW

wldap32

ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133

ws2_32

gethostname
htons
getsockopt
send
WSACloseEvent
WSACreateEvent
WSAWaitForMultipleEvents
WSAResetEvent
WSAEnumNetworkEvents
WSAIoctl
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
WSAEventSelect
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
getaddrinfo
freeaddrinfo
recvfrom
sendto
getpeername

Sections

.text
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d514a0a043584816db80d35d2586aa85

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

oleaut32

bcrypt

advapi32

crypt32

wldap32

ws2_32

Sections

.text Size: 6.1MB - Virtual size: 6.1MB

.rdata Size: 200KB - Virtual size: 200KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 72KB - Virtual size: 71KB

.text
Size: 6.1MB - Virtual size: 6.1MB

.rdata
Size: 200KB - Virtual size: 200KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 72KB - Virtual size: 71KB