saicrack-main[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

saicrack-main.zip
Size

7.7MB
MD5

6020d0e52b03b60c551123bd0ded4ec7
SHA1

29a138f065fcee63a76ec6292bb9f6319f02d6f1
SHA256

aad3b30d397753c771ea1b9d2c3301e6f44e7fbcb2901993aa0036cad03ded16
SHA512

11d30c7ba25a60c66b10eea3ad6a3e1c92c2713a2c68c19d7fe580e791540901871902fa50a45eedca45ddeed2b20163e86cb625a822802fb74022fe0bb4778f
SSDEEP

196608:uQaqJ6SlZRjfV0dqyXLluRjKTtoeMZDHFoDI6/CXDaOsTo6d7KQ5:uRqJ6SljfVi3XZu1KarDHF0/CDaOsBmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/saicrack-main/sai-1.2.5-ful-en.exe
unpack002/sai2.exe
unpack001/saicrack-main/saicrack.exe

Files

saicrack-main.zip
.zip
saicrack-main/README.md
saicrack-main/sai-1.2.5-ful-en.exe
.exe windows:4 windows x86 arch:x86

608cf01940f01c9722c73923488f9a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateFileA
WaitForSingleObject
GetWindowsDirectoryA
GetModuleFileNameA
CreateMutexA
GetStartupInfoA
GetModuleHandleA
WriteFile
FormatMessageA
MultiByteToWideChar
GetFileAttributesA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GlobalFree
GlobalAlloc
InitializeCriticalSection
GetVersionExA
GetCurrentProcess

user32

GetPropA
RemovePropA
PostQuitMessage
SetPropA
LoadImageA
DialogBoxParamA
MessageBoxA
EndDialog
GetWindowLongA
SetWindowLongA
RedrawWindow
PostMessageA
SendMessageA
IsDlgButtonChecked
CheckDlgButton
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
EnableWindow
SetWindowTextA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHChangeNotify
SHGetSpecialFolderPathA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

msvcrt

__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_adjust_fdiv
__p__commode
__set_app_type
_except_handler3
_controlfp
__p__fmode
atoi
_makepath
_beginthreadex
strncat
_stricmp
_ftol
fprintf
malloc
fclose
fseek
calloc
free
strncpy
_snprintf
_splitpath
_mbsinc
_mbsnextc
_vsnprintf
fopen
fread
fwrite
ftell

imagehlp

MakeSureDirectoryPathExists

comctl32

ord17

shlwapi

PathRemoveBackslashA
SHDeleteKeyA
SHSetValueA
PathAddBackslashA
SHDeleteValueA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
saicrack-main/sai2-20201128-64bit-en.zip
.zip
history.txt
init/blotmap/Blots&Noise.bmp
init/blotmap/Blots.bmp
init/bristle/Bristle.bmp
init/bristle/Flat Bristle.bmp
init/bristle/Flat Face.bmp
init/brshape/Water Blur.bmp
init/brshape/Water Blur.ini
init/brushtex/Canvas.bmp
init/brushtex/Paper.bmp
init/papertex/Canvas.bmp
init/papertex/Paper.bmp
init/papertex/Water Color 1.bmp
init/papertex/Water Color 2.bmp
init/scatter/Stars.bmp
init/scatter/Stars.ini
sai2.exe
.exe windows:5 windows x64 arch:x64

3f4e5b2257e4954cfcc27505623dbd07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\MyProjects\SYSTEMAX\sai2-branch\bin64\sai2.pdb

Imports

kernel32

SystemTimeToFileTime
FlushFileBuffers
WriteFile
SetFilePointerEx
ReadFile
GetFileSizeEx
DeleteFileW
CreateFileW
Sleep
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
FileTimeToSystemTime
GetFileAttributesW
CompareFileTime
CompareStringW
GetPrivateProfileIntW
ReleaseSemaphore
GlobalAlloc
GlobalFree
LocalAlloc
LocalFree
FileTimeToLocalFileTime
SwitchToThread
CopyFileW
GetPrivateProfileStringW
CreateMutexW
GetLastError
GetProcAddress
CloseHandle
GetDiskFreeSpaceExW
lstrlenA
GetSystemTime
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetCurrentProcess
SetPriorityClass
GlobalLock
GlobalUnlock
GetTickCount
GetCurrentThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
ResetEvent
SetEvent
EnterCriticalSection
LeaveCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
VirtualQuery
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RtlVirtualUnwind
RtlLookupFunctionEntry
FreeLibrary
SetFilePointer
GetFileSize
FormatMessageW
LoadLibraryW
RaiseException
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
GlobalMemoryStatusEx
RtlCaptureContext
SetThreadAffinityMask
GetProcessAffinityMask
ResumeThread
CreateEventW
CreateSemaphoreW
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
DeviceIoControl
SetFileTime
SetEndOfFile
FlushViewOfFile
SetLastError
MoveFileExW
CreateDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetEnvironmentVariableW
GetDriveTypeW
DebugBreak
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetVersionExW
GetCPInfo
GetSystemInfo
RtlUnwindEx
HeapFree
HeapAlloc
GetCommandLineA
GetStartupInfoA
VirtualProtect
ExitThread
CreateThread
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
LCMapStringA
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSetInformation
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
RtlPcToFileHeader

user32

DestroyIcon
LoadCursorW
GetAncestor
ReleaseCapture
WaitMessage
GetMessageW
GetDlgCtrlID
SetCapture
DefWindowProcW
SetWindowLongPtrW
GetSystemMenu
MoveWindow
SystemParametersInfoW
GetWindowRect
AdjustWindowRectEx
CreateWindowExW
GetSystemMetrics
DrawTextW
FillRect
GetWindowLongPtrW
EnableWindow
RegisterClassExW
GetSysColor
RedrawWindow
MapWindowPoints
SetLayeredWindowAttributes
FrameRect
GetClientRect
GetPropW
SetPropW
MonitorFromWindow
CreatePopupMenu
SetMenuInfo
CreateMenu
GetScrollPos
SetScrollInfo
SetScrollRange
SetScrollPos
GetMenuItemInfoW
GetMenuItemCount
EnableMenuItem
CheckMenuItem
ClientToScreen
SetWindowRgn
GetMonitorInfoW
MonitorFromRect
IsZoomed
GetWindowTextW
SetWindowTextW
GetWindowLongW
SetWindowLongW
IsWindowEnabled
DrawIconEx
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
ScreenToClient
SetWindowPlacement
SetParent
GetClassLongPtrW
PostThreadMessageW
LoadIconW
SendInput
GetDlgItem
mouse_event
MessageBoxW
DeferWindowPos
EndDeferWindowPos
BeginDeferWindowPos
SetCaretPos
ShowCaret
CreateCaret
DestroyCaret
HideCaret
IsChild
GetKeyState
GetNextDlgTabItem
DestroyMenu
GetWindowDC
ReleaseDC
GetWindowPlacement
SetCursor
SetWindowPos
MessageBeep
GetParent
SetActiveWindow
BeginPaint
EndPaint
RegisterClipboardFormatW
SetFocus
ShowWindow
ReplyMessage
SetForegroundWindow
GetMenuInfo
IsIconic
DestroyWindow
PostQuitMessage
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
DeleteMenu
AppendMenuW
InsertMenuItemW
GetCapture
GetFocus
SendMessageW
GetAsyncKeyState
SetTimer
KillTimer
PeekMessageW
TranslateMessage
DispatchMessageW
EnumThreadWindows
UpdateWindow
PostMessageW
MsgWaitForMultipleObjects
GetDC
ScrollWindowEx
GetWindowThreadProcessId
EnumChildWindows

gdi32

CreateRectRgn
BitBlt
ExtSelectClipRgn
OffsetClipRgn
SelectClipRgn
DeleteDC
DeleteObject
CreateSolidBrush
SelectObject
GetTextExtentExPointW
CreateDIBSection
CreateCompatibleBitmap
GetCurrentObject
CreateCompatibleDC
SetTextColor
GetDeviceCaps
GetCharacterPlacementW
GetGlyphOutlineW
GetTextExtentPoint32W
ExtTextOutW
GetTextMetricsW
CreateFontIndirectW
CreateRectRgnIndirect
ExtCreateRegion
CombineRgn
GetRegionData
CreateDIBitmap
EnumFontFamiliesExW
GetStockObject
RectVisible
SetBkMode
SetBkColor
SetDIBitsToDevice

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetPathFromIDListW
CommandLineToArgvW
ord21
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetSettings
SHGetFileInfoW
DragQueryFileW
DragFinish
DragAcceptFiles
SHFileOperationW
SHGetSpecialFolderPathW

ole32

OleDuplicateData
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
StringFromIID
CoCreateInstance
OleUninitialize
OleInitialize
CoTaskMemAlloc
DoDragDrop
ReleaseStgMedium

imm32

ImmNotifyIME
ImmGetCompositionStringW
ImmGetContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx

comctl32

ImageList_GetIconSize
ImageList_GetIcon

shlwapi

StrRetToBufW
PathCanonicalizeW
PathIsRelativeW

rpcrt4

UuidCreate

advapi32

EqualSid
RegOpenKeyExW
RegCloseKey
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
FreeSid
RegQueryValueExW

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 621KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.appskin
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srclibs
Size: 437KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sai2.ini
saicrack-main/saicrack.exe
.exe windows:5 windows x86 arch:x86

b8d12c04de39a167757fe4a34efa01e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleFileNameW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetCommandLineW
GetStartupInfoW
GetTempPathA
GetLastError
LoadLibraryExA
Sleep
RemoveDirectoryA
CreateDirectoryA
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
DecodePointer
EncodePointer
SetConsoleCtrlHandler
HeapFree
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
HeapAlloc
DeleteFileA
FindNextFileA
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
SetHandleCount
GetStdHandle
DeleteCriticalSection
GetModuleHandleW
ExitProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
WideCharToMultiByte
GetFullPathNameA
CloseHandle
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
GetCurrentDirectoryW
GetFileAttributesA
MultiByteToWideChar
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LoadLibraryW
FlushFileBuffers
CompareStringW
SetEnvironmentVariableA
GetDriveTypeW
SetEndOfFile
GetProcessHeap
GetTimeZoneInformation
LCMapStringW
WriteConsoleW
GetStringTypeW
HeapSize
CreateFileW
SetEnvironmentVariableW

ws2_32

ntohl

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
saicrack-main/saicrack.py

Sharing

General

Malware Config

Signatures

Files

608cf01940f01c9722c73923488f9a07

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

msvcrt

imagehlp

comctl32

shlwapi

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 10KB

3f4e5b2257e4954cfcc27505623dbd07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

imm32

comctl32

shlwapi

rpcrt4

advapi32

oleaut32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.code Size: 2KB - Virtual size: 2KB

.rdata Size: 621KB - Virtual size: 620KB

.data Size: 33KB - Virtual size: 191KB

.pdata Size: 114KB - Virtual size: 114KB

.shared Size: 512B - Virtual size: 8B

.tls Size: 4KB - Virtual size: 4KB

.appskin Size: 1.6MB - Virtual size: 1.6MB

.srclibs Size: 437KB - Virtual size: 436KB

.rsrc Size: 168KB - Virtual size: 168KB

b8d12c04de39a167757fe4a34efa01e6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 10KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.code
Size: 2KB - Virtual size: 2KB

.rdata
Size: 621KB - Virtual size: 620KB

.data
Size: 33KB - Virtual size: 191KB

.pdata
Size: 114KB - Virtual size: 114KB

.shared
Size: 512B - Virtual size: 8B

.tls
Size: 4KB - Virtual size: 4KB

.appskin
Size: 1.6MB - Virtual size: 1.6MB

.srclibs
Size: 437KB - Virtual size: 436KB

.rsrc
Size: 168KB - Virtual size: 168KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 5KB - Virtual size: 5KB