Topic Torch[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Topic Torch.7z
Size

197KB
MD5

f1c4802a5a8d52fb2d87739ae8663613
SHA1

90af04fef0546d61d05ad0d481e21bab42a48768
SHA256

95e9ac0b0e094716d7d6520eb1ee8289e0f6c4f01ac826f4b0942445f10fbe8a
SHA512

95b4d860697acdfb4d3e9cd1ab7b484fd6598443adf4920ddc0b27a12e5379ac6c6d914bd00f02c5ee82458ab93a5b5d085ee345c8622a8323c587bf6d7b41e6
SSDEEP

6144:JESzwXtlYVavCgf60eJ9Yk2qDSy6pajZeK3sgNfSZ:JvwIgy0eJb6pajTcH

Score

1^/10

Malware Config

Signatures

Files

Topic Torch.7z
.7z

Password: harounisthebest
TopicTorchSetup.exe
.exe windows:5 windows x86 arch:x86

Password: harounisthebest

e8910e1c02db256c6466a65c5bbb9737

Code Sign

5f:3b:bf:9c:aa:bc:e7:c8:1a:b6:9a:bf:73:71:a0:64
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

25/07/2013, 00:00

Not After

25/07/2015, 23:59

Subject

CN=Best Download Manager,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Best Download Manager,L=Carlsbad,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:b8:5b:46:3e:3d:47:b1:45:85:a1:5e:6f:12:48:3e:f9:bf:a7:08
Signer

Actual PE Digest

54:b8:5b:46:3e:3d:47:b1:45:85:a1:5e:6f:12:48:3e:f9:bf:a7:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlW
HttpQueryInfoA
InternetSetOptionW
InternetOpenW
InternetAttemptConnect
InternetCloseHandle

rpcrt4

UuidCreate
UuidToStringW

version

GetFileVersionInfoW
VerQueryValueW

kernel32

TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrlenA
GetThreadLocale
FileTimeToSystemTime
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetFileAttributesExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GlobalReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCPInfo
RtlUnwind
HeapReAlloc
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
TlsGetValue
LocalAlloc
GlobalFlags
InitializeCriticalSection
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
RaiseException
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
CompareStringA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
InterlockedIncrement
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
SetFilePointer
GetFileSize
ReadFile
CreateFileW
GetModuleFileNameW
GetSystemTime
GetTickCount
GlobalMemoryStatusEx
GetUserGeoID
HeapFree
GetProcessHeap
HeapAlloc
GetUserDefaultLangID
GetSystemDefaultLangID
DeleteFileW
GetTempFileNameW
GetTempPathW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
lstrlenW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LocalFree
FormatMessageW
WideCharToMultiByte
GetModuleHandleW
ResumeThread
Sleep
Process32NextW
TerminateProcess
OpenProcess
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcess
FreeLibrary
lstrcpyW
GetProcAddress
GetVersionExW
LoadLibraryW
GetSystemDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GlobalHandle
InterlockedCompareExchange
GetFileTime

user32

UnregisterClassW
SetRect
SetTimer
KillTimer
SetCapture
CharNextW
CopyAcceleratorTableW
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperW
RegisterClipboardFormatW
IsDialogMessageW
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
InvalidateRect
GetWindowThreadProcessId
IsWindowEnabled
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
RealChildWindowFromPoint
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
ShowWindow
DispatchMessageW
GetDlgItem
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetKeyState
SetMenu
SetForegroundWindow
RedrawWindow
IsWindowVisible
ValidateRect
UpdateWindow
MessageBoxW
GetClassInfoExW
RegisterClassW
ScreenToClient
EqualRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
PtInRect
UnhookWindowsHookEx
GetActiveWindow
GetMenuItemID
AdjustWindowRectEx
IsWindow
GetWindowLongW
SetWindowLongW
GetMenu
CreateWindowExW
GetSubMenu
GetMenuItemCount
DestroyMenu
GetDesktopWindow
PostThreadMessageW
IntersectRect
OffsetRect
WinHelpW
GetWindowRect
GetAsyncKeyState
ReleaseCapture
GetCursor
ClientToScreen
LoadImageW
PostMessageW
MessageBoxExW
LoadIconW
EnableWindow
LoadCursorW
MapWindowPoints
GetParent
GetSysColorBrush
GetSysColor
SystemParametersInfoW
EnumDisplayMonitors
SetRectEmpty
CopyRect
GetMonitorInfoW
GetSystemMetrics
GetClientRect
SendMessageW
GetClassNameW
GetWindow
DefWindowProcW
GetClassInfoW
MoveWindow
SetActiveWindow
SetWindowTextW
GetTopWindow

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
SelectObject
ExtTextOutW
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
Escape
GetViewportExtEx
TextOutW
CreateDIBitmap
GetTextMetricsW
CreatePatternBrush
CreatePen
CreateSolidBrush
GetObjectW
GetStockObject
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
RectVisible
PtVisible
DeleteObject
GetDeviceCaps
GetClipBox
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateRectRgnIndirect

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
OpenProcessToken
RegSetValueW
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

Shell_NotifyIconW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHRegGetValueW

ole32

CLSIDFromProgID
CoCreateGuid
CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
VariantTimeToSystemTime
LoadRegTypeLi
DispCallFunc
VariantCopy
VariantChangeType
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
SysStringLen
OleCreateFontIndirect
SystemTimeToVariantTime
SysAllocString

oledlg

OleUIBusyW

urlmon

URLDownloadToFileW

iphlpapi

GetAdaptersInfo

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: harounisthebest

Password: harounisthebest

e8910e1c02db256c6466a65c5bbb9737

Code Sign

5f:3b:bf:9c:aa:bc:e7:c8:1a:b6:9a:bf:73:71:a0:64Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

54:b8:5b:46:3e:3d:47:b1:45:85:a1:5e:6f:12:48:3e:f9:bf:a7:08Signer

Headers

DLL Characteristics

File Characteristics

Imports

wininet

rpcrt4

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

urlmon

iphlpapi

oleacc

Sections

.text Size: 342KB - Virtual size: 342KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 13KB - Virtual size: 33KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 49KB - Virtual size: 48KB

5f:3b:bf:9c:aa:bc:e7:c8:1a:b6:9a:bf:73:71:a0:64
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

54:b8:5b:46:3e:3d:47:b1:45:85:a1:5e:6f:12:48:3e:f9:bf:a7:08
Signer

.text
Size: 342KB - Virtual size: 342KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 13KB - Virtual size: 33KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 49KB - Virtual size: 48KB