Static task
static1
General
Target: Setup-744375.zip
Size: 31.8MB
MD5: 73e557cd92e29d12009afbdc51c84e5f
SHA1: 2d01ac3b4d1ed69cb849536c6d9a3b33bf21b395
SHA256: 496523d9fcda3e9e7e099bd4db1c0227df1470c9dbfbcc79e2358fa529dc2987
SHA512: b6da70299881307162c6436fa51eeac6ef0d05a2464f67b2ee6d811af23b6bf2ad1df55b65fba2464ccd5d161cf6c89d3476522634baca973746d07ab5034775
SSDEEP: 786432:7Qhw17Zmilat3l4d/6eZ3geX4h/75GIwimHr29hVkqX:7Qqpat+73ToVCimK/VPX
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource unpack001/Install_2023.exe
Files
Setup-744375.zip (.zip)
Install_2023.exe (.exe; windows:6 windows x86 arch:x86)
20a4c4513b4ccd669319434f8db1fad2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathFileExistsW
kernel32
FindFirstFileA
InitializeSListHead
LocalFree
GetStartupInfoW
lstrcatA
GetDateFormatW
LoadLibraryA
GetFileAttributesA
SetFilePointer
GetTickCount
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
GetVersionExA
SetFileAttributesW
SetCurrentDirectoryW
HeapFree
SetFileAttributesA
TlsSetValue
WideCharToMultiByte
GetLocaleInfoW
CreateFileW
CreateThread
QueryPerformanceFrequency
GetCPInfo
ExitProcess
WaitForSingleObject
GetEnvironmentVariableA
RtlUnwind
GetACP
FileTimeToSystemTime
InitializeCriticalSection
GetModuleHandleExW
TerminateProcess
VirtualFree
GetConsoleMode
HeapAlloc
GetModuleFileNameA
GlobalMemoryStatus
GetFileType
GetStringTypeW
RaiseException
GetProcessAffinityMask
SetEnvironmentVariableA
SetFileTime
CompareStringW
CreateDirectoryA
GetFileAttributesExW
HeapReAlloc
TryAcquireSRWLockExclusive
GetModuleHandleA
PeekNamedPipe
FindNextFileW
ReadConsoleW
GetCurrentProcess
UnhandledExceptionFilter
IsValidCodePage
GetFileSize
SetLastError
LeaveCriticalSection
GetCurrentThreadId
GetFileSizeEx
GetUserDefaultLCID
FreeEnvironmentStringsW
ResetEvent
GetFinalPathNameByHandleW
LoadLibraryExW
MultiByteToWideChar
GetDriveTypeW
TlsGetValue
EncodePointer
GetModuleHandleW
GetOEMCP
GetModuleFileNameW
AcquireSRWLockExclusive
GetProcAddress
FreeLibrary
LCMapStringEx
FlushFileBuffers
WriteFile
IsProcessorFeaturePresent
GetCurrentProcessId
SetStdHandle
FindClose
CreateDirectoryW
GetStdHandle
GetFileInformationByHandle
SetEvent
InitializeCriticalSectionEx
FormatMessageW
VerSetConditionMask
GetCommandLineW
SetEndOfFile
MoveFileExW
FormatMessageA
GetFullPathNameW
GetFileAttributesW
SetFilePointerEx
DeleteCriticalSection
SetUnhandledExceptionFilter
TlsAlloc
VirtualAlloc
GetSystemDirectoryW
ReleaseSRWLockExclusive
WriteConsoleW
GetCurrentDirectoryW
GetLastError
GetTempPathA
Sleep
DeleteFileA
FindFirstFileW
SystemTimeToTzSpecificLocalTime
RemoveDirectoryA
FindNextFileA
DeleteFileW
CloseHandle
GetTempPathW
GetCurrentDirectoryA
GetConsoleCP
ReleaseSemaphore
VerifyVersionInfoW
GetTimeFormatW
RemoveDirectoryW
GetProcessHeap
GetVersion
SetCurrentDirectoryA
CreateSemaphoreA
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
FindFirstFileExA
IsValidLocale
lstrlenA
IsDebuggerPresent
LCMapStringW
WaitForMultipleObjects
GetSystemTimeAsFileTime
GetSystemInfo
EnterCriticalSection
QueryPerformanceCounter
LoadLibraryW
ReadFile
CreateEventA
WakeAllConditionVariable
HeapSize
CreateFileA
GetLocaleInfoEx
AreFileApisANSI
WaitForSingleObjectEx
GetTickCount64
TlsFree
EnumSystemLocalesW
GetCommandLineA
SleepEx
DecodePointer
user32
GetDlgItem
ShowWindow
LoadStringA
CharUpperA
wsprintfA
GetWindowLongA
DialogBoxParamW
DestroyWindow
KillTimer
SetTimer
MessageBoxA
LoadStringW
SetWindowLongA
DialogBoxParamA
SetWindowTextW
SetWindowTextA
EndDialog
CharUpperW
SendMessageA
MessageBoxW
LoadIconA
PostMessageA
shell32
ShellExecuteExA
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
bcrypt
BCryptGenRandom
advapi32
CryptCreateHash
CryptImportKey
CryptAcquireContextW
CryptDestroyHash
CryptEncrypt
CryptHashData
CryptGetHashParam
CryptDestroyKey
CryptReleaseContext
crypt32
PFXImportCertStore
CertCreateCertificateChainEngine
CertCloseStore
CertGetCertificateChain
CertFindExtension
CertEnumCertificatesInStore
CryptQueryObject
CryptDecodeObjectEx
CertGetNameStringW
CertAddCertificateContextToStore
CertFindCertificateInStore
CertFreeCertificateChain
CertOpenStore
CryptStringToBinaryW
CertFreeCertificateContext
CertFreeCertificateChainEngine
wldap32
ord216
ord301
ord145
ord219
ord46
ord14
ord147
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ord167
ord142
ord79
ord133
ws2_32
gethostname
htons
getsockopt
send
WSACloseEvent
WSAEventSelect
WSACreateEvent
freeaddrinfo
getaddrinfo
WSAResetEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
WSAStartup
WSACleanup
ioctlsocket
setsockopt
WSAIoctl
__WSAFDIsSet
select
accept
bind
connect
getsockname
htonl
listen
recv
socket
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
recvfrom
sendto
getpeername
Sections
.text Size: 6.0MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 201KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ