Antivirus 2010[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Antivirus 2010.zip
Size

688KB
MD5

1876b2d886ec392d71f37423dfef0c11
SHA1

af78db6206cada4f780f030d45fcaa881f892a99
SHA256

61ff034c476d4060fbea6debc5f84494cf02f337a9a897ddb6b3eb3a28c16406
SHA512

9070d1c35ddc045c7d5aa7938d231d139437c0b363c72a71d1edf3b77ea40484869c92e3dc9b021c2897d224d3f2b6bcf64b4dcf44149da9d6cc15d4dfa9951e
SSDEEP

12288:OpPAMReuFMSWTyb6VGF8HVsIjAAorZfKsqJVXxJxqapClcV/5EEJOb/SZXA:WnRFMHGWVGSDAAorZfkJd006EQbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/[email protected]

Files

Antivirus 2010.zip
.zip

Password: mysubsarethebest
[email protected]
.exe windows:4 windows x86 arch:x86

Password: mysubsarethebest

7fbaa4ed437c6c11ecec3f2819b67132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate
DirectDrawCreateEx

user32

SetMenuItemBitmaps
GetClientRect
MapDialogRect
GetSysColorBrush
IsWindowEnabled
GetNextDlgGroupItem
CreateWindowExW
EnableMenuItem
DestroyWindow
GetWindowLongW
PostMessageW
DrawIcon
InvalidateRgn
GetParent
GetDesktopWindow
IsIconic
ValidateRect
SetActiveWindow
GetMenuState
IsWindowVisible
MessageBeep
SetMenu
EndDialog
SetTimer
DispatchMessageW
GetMenuCheckMarkDimensions
GetSystemMetrics
UpdateWindow
LoadBitmapW
GetKeyState
ModifyMenuW
GetActiveWindow
GetDlgItem
SetWindowContextHelpId
SetWindowPos
CheckMenuItem
GetCursorPos
GetFocus
CreateDialogIndirectParamW
GetWindow
PeekMessageW
IsWindow
EnableWindow
PostQuitMessage
GetNextDlgTabItem
TranslateMessage

kernel32

VirtualUnlock
GlobalAlloc
SetUnhandledExceptionFilter
InterlockedCompareExchange
GlobalHandle
GetTempPathW
QueryPerformanceCounter
WideCharToMultiByte
GetCurrentProcess
GetComputerNameW
ProcessIdToSessionId
GetVersionExW
LocalFree
ReleaseMutex
VirtualAlloc
CreateThread
GetSystemInfo
LCMapStringW
TerminateProcess
LoadResource
LeaveCriticalSection
SetEvent
lstrlenW
MultiByteToWideChar
GetProcAddress
RaiseException
IsDebuggerPresent
WaitForMultipleObjects
GetStartupInfoW
HeapSetInformation
FlushInstructionCache
CloseHandle
GetVersionExA
LoadLibraryW
LockResource
GetModuleHandleA
FindResourceW
GetProcessId
GetThreadLocale
GetSystemDirectoryW
GetModuleFileNameW
VirtualFree
GlobalFree
GetLocaleInfoW
CreateMutexW
DeleteCriticalSection
FormatMessageW
OpenProcess
SetLastError
LocalAlloc
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryExW
FreeLibrary
FindResourceExW
InitializeCriticalSection
MulDiv
lstrlenA
WaitForSingleObject
GetCurrentThreadId
InterlockedDecrement
ResetEvent
VirtualLock
HeapFree
HeapReAlloc
HeapSize
GetLocaleInfoA
lstrcmpW
GlobalUnlock
LoadLibraryA
UnhandledExceptionFilter
CreateFileW
GetLastError
HeapAlloc
InterlockedExchange
EnterCriticalSection
GlobalLock
SizeofResource
InterlockedIncrement
IsProcessorFeaturePresent
CreateEventW
GetACP
Sleep
HeapDestroy
GetModuleHandleW

msvcrt

_controlfp
_amsg_exit
_initterm
__wgetmainargs
exit
log
__setusermatherr
_wtoi64
__set_app_type
iswdigit
_exit
memset
_cexit
_initterm
__p__fmode
?terminate@@YAXXZ
_wcmdln
memcpy
__p__commode
_XcptFilter

Sections

.text
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: mysubsarethebest

Password: mysubsarethebest

7fbaa4ed437c6c11ecec3f2819b67132

Headers

File Characteristics

Imports

ddraw

user32

kernel32

msvcrt

Sections

.text Size: 433KB - Virtual size: 432KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 336KB - Virtual size: 336KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 433KB - Virtual size: 432KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 336KB - Virtual size: 336KB

.rsrc
Size: 1024B - Virtual size: 1024B