trayit_4_6_5_5[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

trayit_4_6_5_5.zip
Size

327KB
MD5

9ee64693e63366b769429bb9a50b997d
SHA1

f79698d50dafe491c6e374f60488b9d95a34a6c0
SHA256

5b086bf87aff1dc4f9d371a20cd929dbe2eaa156f43d4b40ecb9170f1868618e
SHA512

6447f2bd3edea49700cea4258a0c8afc4d6e00196299bcf110fc0ce2957f4e5de34564f630801b40d6dd583fb6da80ec82e65030df58725db15682968f884263
SSDEEP

6144:2u707ivE7/FLEikUKGX58du0I5Ob4P5cXPPCMlh8wWMh28dHt8zmerZG:b07v7/FrkAX7APGwDs886er8

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/trayit_4_6_5_5/TrayIt!.exe
unpack001/trayit_4_6_5_5/trayit4!.dll

Files

trayit_4_6_5_5.zip
.zip
trayit_4_6_5_5/TrayIt!.exe
.exe windows:4 windows x86 arch:x86

c46fe79087ad331c695b11d25bded425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord6
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ImageList_Create
ord17
ImageList_LoadImageA
ImageList_Destroy

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

QueryPerformanceCounter
GetSystemInfo
VirtualProtect
GetLocaleInfoA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
LCMapStringW
LCMapStringA
HeapSize
IsBadWritePtr
VirtualAlloc
SetStdHandle
SetFilePointer
ReadFile
SetEndOfFile
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
CreateFileA
GetFileType
GetLastError
ReadProcessMemory
Process32First
Process32Next
OpenProcess
VirtualAllocEx
CreateToolhelp32Snapshot
Module32First
Module32Next
VirtualFreeEx
CloseHandle
GetVersionExA
GetStartupInfoA
GetCommandLineA
Sleep
GetCurrentProcessId
FreeLibrary
FindFirstFileA
FindNextFileA
FindClose
GetVersion
ExpandEnvironmentStringsA
WideCharToMultiByte
LoadLibraryA
GetModuleFileNameA
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
DeleteFileA
HeapReAlloc

user32

UpdateWindow
RegisterWindowMessageA
RegisterClassA
LoadIconA
GetClassInfoA
FindWindowA
GetMessagePos
DefWindowProcA
InsertMenuA
DeleteMenu
DialogBoxParamA
GetDC
GetSysColorBrush
ChildWindowFromPoint
IsDlgButtonChecked
EnableWindow
GetDlgItemTextA
CheckDlgButton
SendDlgItemMessageA
GetMessageA
KillTimer
SetTimer
CreatePopupMenu
InsertMenuItemA
DestroyMenu
TrackPopupMenu
SystemParametersInfoA
PostThreadMessageA
GetIconInfo
SendMessageA
MoveWindow
CreateIconIndirect
FillRect
EnumChildWindows
FindWindowExA
GetClassNameA
IsIconic
SetWindowLongA
DrawTextA
SetFocus
EndDialog
TranslateMessage
DispatchMessageA
LoadMenuA
SetMenu
DrawMenuBar
PostQuitMessage
SetDlgItemTextA
GetTopWindow
GetClientRect
GetWindowRect
GetClassLongA
SendMessageTimeoutA
LoadStringA
DestroyWindow
CreateWindowExA
GetDlgItem
MessageBoxA
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
SetWindowTextA
GetWindowTextA
ShowWindow
SetWindowPos
GetDesktopWindow
IsWindowVisible
wsprintfA
InvalidateRect
LoadCursorA
GetAsyncKeyState
EnableMenuItem
CheckMenuItem
SetCapture
SetCursor
GetWindow
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetWindowDC
ReleaseDC
GetMenu
IsWindow
GetSubMenu
PostMessageA
SetForegroundWindow
LoadImageA
DestroyIcon
GetSystemMetrics
MapWindowPoints
DrawIconEx

gdi32

SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateDCA
CreatePatternBrush
SetBrushOrgEx
GetDeviceCaps
ExtTextOutA
GetObjectA
CreateFontIndirectA
CreatePen
GetStockObject
SelectObject
SetROP2
LineTo
MoveToEx
SetBkMode
DeleteObject

comdlg32

GetSaveFileNameA

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
RegSetValueExA

shell32

Shell_NotifyIconA
ExtractIconExA
ShellExecuteExA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
IIDFromString
StringFromGUID2
CoUninitialize

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
trayit_4_6_5_5/TrayIt!.std
trayit_4_6_5_5/lang/Bulgarian/lang.txt
trayit_4_6_5_5/lang/Chinese/lang.txt
trayit_4_6_5_5/lang/Czech/icons.ico
trayit_4_6_5_5/lang/Czech/index.html
.html
trayit_4_6_5_5/lang/Czech/lang.txt
trayit_4_6_5_5/lang/Czech/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Czech/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/Dutch/lang.txt
trayit_4_6_5_5/lang/French/lang.txt
trayit_4_6_5_5/lang/German/lang.txt
trayit_4_6_5_5/lang/Hungarian/lang.txt
trayit_4_6_5_5/lang/Italiano/index.html
.html
trayit_4_6_5_5/lang/Italiano/lang.txt
trayit_4_6_5_5/lang/Italiano/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Italiano/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/Japanese/index.html
.html
trayit_4_6_5_5/lang/Japanese/lang.txt
trayit_4_6_5_5/lang/Japanese/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Japanese/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/Portuguese/index.html
.html
trayit_4_6_5_5/lang/Portuguese/lang.txt
trayit_4_6_5_5/lang/Portuguese/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Portuguese/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/Russian/lang.txt
trayit_4_6_5_5/lang/Spanish/index.html
.html
trayit_4_6_5_5/lang/Spanish/lang.txt
trayit_4_6_5_5/lang/Spanish/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Spanish/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/Turkish/index.html
.html
trayit_4_6_5_5/lang/Turkish/lang.txt
trayit_4_6_5_5/lang/Turkish/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/Turkish/system_tray.jpg
.jpg
trayit_4_6_5_5/lang/[English]/index.html
.html
trayit_4_6_5_5/lang/[English]/lang.txt
trayit_4_6_5_5/lang/[English]/menu_tray.jpg
.jpg
trayit_4_6_5_5/lang/[English]/system_tray.jpg
.jpg
trayit_4_6_5_5/readme.txt
trayit_4_6_5_5/translation.txt
trayit_4_6_5_5/trayit4!.dll
.dll windows:4 windows x86 arch:x86

9d11fb9ccc73c8d4c9c0d40bc42030ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcmpA
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
DisableThreadLibraryCalls
GetProcAddress

user32

SetForegroundWindow
SystemParametersInfoA
GetWindowThreadProcessId
CallNextHookEx
PostMessageA
GetParent
GetClassNameA
GetKeyState
SendMessageA
DestroyIcon
GetWindowLongA
FindWindowA
SetWindowsHookExA
SetWindowsHookExW
UnhookWindowsHookEx
IsWindow

Exports

Exports

_CallWndProc@12
_MouseProc@12
libRegisterHook
libShellTrayWnd
libUnRegisterHook

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 462B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c46fe79087ad331c695b11d25bded425

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 28KB

.rsrc Size: 100KB - Virtual size: 97KB

9d11fb9ccc73c8d4c9c0d40bc42030ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: - Virtual size: 20B

.shared Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 512B - Virtual size: 462B

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 28KB

.rsrc
Size: 100KB - Virtual size: 97KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: - Virtual size: 20B

.shared
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 512B - Virtual size: 462B