EF_Commander_Free_24[.]08[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

EF_Commander_Free_24.08.zip
Size

2.7MB
MD5

0c9e4d4c4297a15d7158eaf11523c60c
SHA1

5c41f398114578ec05632a373aa22a3d3ce7ebf7
SHA256

3ea777adc872e14c7715ed70f81f9576652993ded09de88e5b62e7a6312f2a1f
SHA512

6ae12c41b508e173bc07d8546b7d05f749a5404362ad8328aff22a4904c6f9e786d5dde0fc84de62d10e6e268b1271cc0317122e1409fcb41b231ec8a5c938f4
SSDEEP

49152:qxhR5X/h+MWrgcY2+5PJV2ujtwjKqQNtgQtPFmI7YMRvRGCEuuNvK3TVNHgFBMxr:+z5vxv2+5Xfjt3T2I7tRQPdeZxg/Mz0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EF_Commander_Free_24.08.exe

Files

EF_Commander_Free_24.08.zip
.zip

Password: infected
EF_Commander_Free_24.08.exe
.exe windows:5 windows x86 arch:x86

Password: infected

b569a6c39b118e60f9644b5958e635ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
CreateThread
GetTempPathW
SetFilePointer
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
WriteFile
MulDiv
LocalFree
FormatMessageW
GetWindowsDirectoryW
GetEnvironmentVariableW
DeleteFileW
CopyFileW
MoveFileW
FindClose
FindNextFileW
FindFirstFileW
LoadLibraryW
SetErrorMode
FreeLibrary
GetCurrentProcess
GetProcAddress
GetModuleFileNameW
GetModuleHandleW
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetLastError
HeapFree
RtlUnwind
LCMapStringA
LCMapStringW
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
VirtualAlloc
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
lstrcpynW
GetFullPathNameW
GetFileSize
ReadFile
CloseHandle
CreateFileW
GetFileAttributesW
RaiseException
GetSystemDefaultLangID

user32

IsDlgButtonChecked
CheckDlgButton
ShowWindow
SetWindowPos
GetWindowRect
GetDesktopWindow
PostMessageW
SetClassLongW
DestroyMenu
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetWindowTextW
EndDialog
LoadIconW
DialogBoxParamW
OemToCharBuffA
LoadCursorW
SetCursor
GetSystemMetrics
GetClientRect
GetDlgItemTextW
GetActiveWindow
MessageBoxW
SendMessageW
FindWindowA
GetWindowTextA
SetWindowTextA
GetDC
ReleaseDC
GetDlgItem
GetCursorPos
SetDlgItemTextW
SetWindowTextW
SetDlgItemTextA

gdi32

CreateFontIndirectW
GetDeviceCaps

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

OleUninitialize
CoCreateInstance
OleInitialize

comctl32

ord17

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b569a6c39b118e60f9644b5958e635ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 10KB - Virtual size: 10KB