Static task: static1
General
Target: 2Take1Menu-794873.zip
Size: 17.9MB
MD5: 038b2dcf4f452c2e997cf16ed205d248
SHA1: e6e217ac438b6ea2dd1771f38bc703ff643df06c
SHA256: 267eb3c30ded1845ec1a7349baafc76435a2abc6285763172c1fcc2dabb0d656
SHA512: b057567b274a309cc1567e9775dc41e2aeea0614fb7a544cc5202fff3bfa4d7d4a60fb0c4c5eb1354e9802d22ab1810ac111dc41215c92195018d9867ae31fc6
SSDEEP: 393216:ZVnfUt2AmVIcf5na4IyYhFZDkR9ox/onpWBfUyBE2V:ZVn8ABVPBa4HYhFZDkR9oGUBXWK
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource unpack001/Install_02026.exe
Files
2Take1Menu-794873.zip (zip)
Install_02026.exe (exe) windows:6 windows x86 arch:x86
  5988e6058399342b7bab73e1fe4adf61
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesA
RaiseException
GetCPInfo
SetUnhandledExceptionFilter
GetTempPathW
ExitProcess
GetTempPathA
FreeLibrary
Sleep
SetFilePointerEx
GetStringTypeW
ReadFile
HeapAlloc
HeapReAlloc
CreateThread
CreateEventA
SetLastError
RtlUnwind
GetModuleFileNameA
ReleaseSRWLockExclusive
GetCommandLineW
CreateDirectoryW
InitializeCriticalSectionEx
CreateFileA
GetFileSize
VirtualAlloc
GetProcAddress
TlsGetValue
GetStartupInfoW
VirtualFree
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
GetCurrentDirectoryW
FindNextFileW
AcquireSRWLockExclusive
LeaveCriticalSection
GetFileType
WaitForSingleObject
TlsSetValue
FindFirstFileExA
GetConsoleCP
InitializeSListHead
FindNextFileA
FormatMessageA
GetStdHandle
SetCurrentDirectoryA
GetVersionExA
MoveFileExW
DeleteFileW
FindFirstFileW
AreFileApisANSI
GetCurrentProcessId
CreateDirectoryA
FindFirstFileA
InitializeCriticalSection
IsProcessorFeaturePresent
GetConsoleMode
SetFilePointer
RemoveDirectoryA
FreeLibraryAndExitThread
GetLastError
CreateProcessA
MultiByteToWideChar
GetModuleHandleW
GetFileAttributesW
RemoveDirectoryW
TlsFree
HeapSize
GetOEMCP
HeapFree
IsValidCodePage
ReleaseSemaphore
GetCommandLineA
GetFileInformationByHandle
GetCurrentProcess
LocalFree
TerminateProcess
WriteConsoleW
CreateFileW
WideCharToMultiByte
GetModuleHandleExW
FormatMessageW
EnterCriticalSection
SetStdHandle
CloseHandle
GlobalMemoryStatus
GetCurrentThreadId
FindClose
GetTickCount64
DeleteFileA
GetTickCount
SetFileAttributesA
SetEvent
UnhandledExceptionFilter
SetFileAttributesW
SetCurrentDirectoryW
TlsAlloc
GetEnvironmentStringsW
LCMapStringW
GetModuleHandleA
EncodePointer
LoadLibraryExW
IsBadReadPtr
ExitThread
GetProcessAffinityMask
LoadLibraryA
QueryPerformanceCounter
GetModuleFileNameW
SetFileTime
GetSystemInfo
GetProcessHeap
GetTempFileNameW
TryAcquireSRWLockExclusive
IsDebuggerPresent
ResetEvent
GetSystemDirectoryW
WriteFile
GetVersion
QueryPerformanceFrequency
GetCurrentDirectoryA
GetACP
WakeAllConditionVariable
FlushFileBuffers
GetSystemTimeAsFileTime
DeleteCriticalSection
LoadLibraryW
FreeEnvironmentStringsW
DecodePointer
SetEndOfFile
user32
ShowWindow
LoadStringA
SetWindowTextA
LoadStringW
PostMessageA
SetWindowTextW
DialogBoxParamW
LoadIconA
CharUpperW
EndDialog
KillTimer
CharUpperA
MessageBoxA
SendMessageA
SetTimer
GetDlgItem
SetWindowLongA
GetWindowLongA
DialogBoxParamA
MessageBoxW
DestroyWindow
shell32
ShellExecuteExA
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
advapi32
CloseServiceHandle
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 570KB - Virtual size: 586KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ