CUS 630007428 - PAGOS ACH PSE TRANSACCIONAL[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

CUS 630007428 - PAGOS ACH PSE TRANSACCIONAL.zip
Size

2.0MB
MD5

c65e08c45f5d40fcc752bc5a3e8ba3e1
SHA1

586dd9b4d876137e2e9e92fe40064346b6452497
SHA256

cea0ab2f1dbb74f0331e68149e34456dafd48844cda0a56233b844caf08e7ddc
SHA512

4cf2d7202810f115a10ea75df8ef5657f9ac006c31a5d8cc188b2fdb9635c4be911bfa36489b0dfb6417ceefadf42cc7b43bf0c86e66f4ba5d818c96aaa66231
SSDEEP

49152:0icqnj8CQHZkWf2yfyUlTqDINQ+ULeLurX2usJcmrFd:jn5Q5kW+Q8X+ULeolsJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CUS 630007428 - PAGOS ACH PSE TRANSACCIONAL.exe

Files

CUS 630007428 - PAGOS ACH PSE TRANSACCIONAL.zip
.zip

Password: 6432
CUS 630007428 - PAGOS ACH PSE TRANSACCIONAL.exe
.exe windows:5 windows x86 arch:x86

Password: 6432

fce427aeb384f3668cbe7177c68c9850

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\实验区\V6\bin\V6Mon.pdb

Imports

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
GetStringTypeA
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
LoadLibraryW
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetLastError
GetWindowsDirectoryW
lstrcpyW
lstrcatW
lstrlenW
WinExec
WideCharToMultiByte
FormatMessageW
OpenProcess
CloseHandle
GetVersionExW
GetTimeZoneInformation
GetModuleFileNameA
WaitForSingleObject
DeviceIoControl
CreateFileW
CreateMutexW
ReleaseMutex
MulDiv
LocalFree
GlobalUnlock
GlobalLock
LCMapStringW
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
GlobalAlloc
GlobalSize
LCMapStringA
Sleep
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
HeapSize
CopyFileW
GlobalFree
SetLastError
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapFree
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetFileSize
GetFileAttributesW
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
FileTimeToSystemTime
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
FreeResource
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
InterlockedDecrement
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA

user32

UpdateLayeredWindow
EnableScrollBar
UnionRect
DrawFocusRect
DrawEdge
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
IsRectEmpty
IsMenu
GetSystemMenu
SetClassLongW
SetParent
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
DeleteMenu
WaitMessage
SetRectEmpty
UnregisterClassW
GetSysColorBrush
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
RedrawWindow
IsZoomed
PostQuitMessage
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
LoadMenuW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
IsCharLowerW
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetFocus
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetLastActivePopup
MessageBoxW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
DrawIconEx
OffsetRect
CopyRect
GetWindowThreadProcessId
AppendMenuW
CreatePopupMenu
SetForegroundWindow
LoadIconW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterWindowMessageW
DrawIcon
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
SetCursorPos
CopyIcon
LoadCursorW
InflateRect
ReleaseDC
GetDC
GetSysColor
IsWindow
SetCursor
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
GetKeyState
GetKeyNameTextW
PtInRect
GetMessagePos
SetTimer
MessageBeep
SetWindowLongW
KillTimer
GetWindow
EnumChildWindows
ScreenToClient
GetCursorPos
IsWindowVisible
GetClassNameW
ReleaseCapture
WindowFromPoint
ClientToScreen
SetCapture
GetCapture
GetParent
GetActiveWindow
GetClientRect
InvalidateRect
SendMessageW
GetDesktopWindow
GetWindowLongW
GetForegroundWindow
EnableWindow
PostMessageW
SetRect
GetSystemMetrics
GetWindowRect
GetMenuDefaultItem
CallWindowProcW
SetMenuDefaultItem
SendDlgItemMessageA
DrawFrameControl

gdi32

SetTextAlign
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
MoveToEx
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
Rectangle
CreateFontIndirectW
GetObjectW
GetStockObject
GetTextExtentPoint32W
CreateFontW
BitBlt
DPtoLP
CreateCompatibleDC
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyExW
RegQueryValueW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW

shell32

SHGetFileInfoW
Shell_NotifyIconW
SHAppBarMessage
SHGetPathFromIDListW
DragQueryFileW
DragFinish
ShellExecuteW
SHBrowseForFolderW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
StrStrIW
PathRemoveFileSpecW

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdiplusShutdown
GdiplusStartup
GdipCloneBitmapAreaI
GdipDrawImageRectI
GdipDrawString
GdipDeleteBrush
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCreateFromHDC
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdipDrawImageI

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 303KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 6432

Password: 6432

fce427aeb384f3668cbe7177c68c9850

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wtsapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

gdiplus

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 303KB - Virtual size: 304KB

.data Size: 26KB - Virtual size: 56KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 303KB - Virtual size: 304KB

.data
Size: 26KB - Virtual size: 56KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB