31d972ddb8b7ee4b311beb5b0d534e2abf345a5a7859f3c2bfcb6dc6c001dbea

Sharing

Copy URL Twitter E-mail

General

Target

31d972ddb8b7ee4b311beb5b0d534e2abf345a5a7859f3c2bfcb6dc6c001dbea
Size

7.3MB
MD5

fd07f09f0b8527f7bdf33c0a9cdec0d5
SHA1

833e9d6a2786e276c7ee5ac9fed3821f9818c881
SHA256

31d972ddb8b7ee4b311beb5b0d534e2abf345a5a7859f3c2bfcb6dc6c001dbea
SHA512

d268bc77e377ca90e2afc80a1d6aa2bc4f2b0edf7f019d10d917a53cea2699578f991f521cd3db9826afcdd0a6be8576da0c1018f93141d6d81483ef8420076e
SSDEEP

98304:N/McluJvB35C2+kQE/rLg/OXSh818R66AAr93jN4IjCY4DgRWbeVvZ8xF+z23Hyq:57G/HgF8MA23R45QAbSihHy3Kdn9dCcV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/20241010_install.exe

Files

31d972ddb8b7ee4b311beb5b0d534e2abf345a5a7859f3c2bfcb6dc6c001dbea
.zip
20241010_install.exe
.exe windows:6 windows x64 arch:x64

d0aa4da1b3ebe2cf1e91a8b599b2dec0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

uxtheme

GetThemeColor
GetThemeInt
GetThemePartSize
OpenThemeData
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
GetCurrentThemeName
IsAppThemed
IsThemeActive
SetWindowTheme
GetThemeBool
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
ord47

dwmapi

DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmEnableBlurBehindWindow

oleaut32

SysAllocString
SysFreeString
SafeArrayCreateVector
SafeArrayPutElement

imm32

ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd

gdi32

GetDIBits
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
SetLayout
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
CreateBitmap
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx

kernel32

GetModuleHandleExW
FreeLibrary
lstrcmpW
GetLastError
GetCurrentThreadId
GetModuleHandleW
GetProcAddress
LocalFree
FormatMessageW
WTSGetActiveConsoleSessionId
ExpandEnvironmentStringsW
CloseHandle
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalUnlock
GlobalLock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
GetUserDefaultLangID
CreateFileW
GetFileSize
ReadFile
WriteFile
CreateFileMappingW
GetTimeZoneInformation
UnmapViewOfFile
WideCharToMultiByte
ExitProcess
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
MultiByteToWideChar
LCMapStringW
CompareStringW
RegisterWaitForSingleObject
UnregisterWaitEx
SetFilePointerEx
SetEndOfFile
GetFileType
FlushFileBuffers
GetFileInformationByHandleEx
SystemTimeToFileTime
FileTimeToSystemTime
VirtualFree
VirtualAlloc
CreateMutexW
TzSpecificLocalTimeToSystemTime
MoveFileExW
MoveFileW
CopyFileW
DeviceIoControl
SetErrorMode
GetVolumePathNamesForVolumeNameW
GetTempPathW
SetFileTime
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
GetStartupInfoW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesExW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
SwitchToThread
WaitForMultipleObjects
Sleep
WaitForSingleObject
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
CreateEventW
WaitForSingleObjectEx
SetEvent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
OutputDebugStringW
GetLocalTime
GetSystemTime
GetCommandLineW
CompareStringEx
GetConsoleWindow
GetDriveTypeW
GetVolumeInformationW
GetLongPathNameW
GetGeoInfoW
GetUserGeoID
GetExitCodeProcess
GetStringTypeW
GetCPInfo
SetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionAndSpinCount
MapViewOfFileEx
lstrlenW
RtlPcToFileHeader
FindResourceExW
MapViewOfFile
LockResource
SizeofResource
FindResourceW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
RtlUnwind
LoadLibraryExW
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
SetFileAttributesW
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
GetStdHandle
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
IsValidLocale
EnumSystemLocalesW
GetFileSizeEx
SetEnvironmentVariableW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
InitializeCriticalSection
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
LoadResource
LCMapStringEx
DecodePointer
ReleaseMutex

ole32

OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitialize
DoDragDrop
CoUninitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoCreateGuid
CoGetMalloc
CoInitializeEx

shell32

SHGetKnownFolderPath
CommandLineToArgvW
SHGetFileInfoW
SHGetStockIconInfo
ord727
ShellExecuteW
SHCreateItemFromIDList
SHCreateItemFromParsingName
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect

user32

GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
ToUnicode
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
GetCaretBlinkTime
MessageBeep
IsWindow
GetDoubleClickTime
GetDesktopWindow
GetSysColor
ReleaseDC
GetDC
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSystemMetrics
MapVirtualKeyW
TrackPopupMenuEx
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
RegisterClassW
EnumDisplayDevicesW
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
RegisterDeviceNotificationW
CloseTouchInputHandle
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
ToAscii
SetCursor
UnregisterDeviceNotification
MsgWaitForMultipleObjects
SetMenu
GetWindowTextW

winmm

timeSetEvent
timeKillEvent
timeGetTime
PlaySoundW

shlwapi

StrChrW

userenv

GetUserProfileDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

NetShareEnum
NetApiBufferFree

ws2_32

WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
socket
recv
connect
bind
InetNtopW
freeaddrinfo
getaddrinfo
WSAStringToAddressW
WSAIoctl
WSASetLastError
shutdown
setsockopt
send
select
ntohs
htons
getsockopt
getsockname
getpeername
ioctlsocket
__WSAFDIsSet
WSAGetLastError
WSAAsyncSelect
WSACleanup
WSAStartup
closesocket

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SystemFunction036
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
OpenProcessToken
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetLengthSid
MapGenericMask
LookupAccountSidW
GetEffectiveRightsFromAclW
GetNamedSecurityInfoW
BuildTrusteeWithSidW

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0aa4da1b3ebe2cf1e91a8b599b2dec0

Headers

DLL Characteristics

File Characteristics

Imports

wtsapi32

uxtheme

dwmapi

oleaut32

imm32

gdi32

kernel32

ole32

shell32

user32

winmm

shlwapi

userenv

version

netapi32

ws2_32

advapi32

Sections

.text Size: 10.6MB - Virtual size: 10.6MB

.rdata Size: 3.7MB - Virtual size: 3.7MB

.data Size: 91KB - Virtual size: 169KB

.pdata Size: 448KB - Virtual size: 447KB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 81KB - Virtual size: 84KB

.reloc Size: 49KB - Virtual size: 49KB

.text
Size: 10.6MB - Virtual size: 10.6MB

.rdata
Size: 3.7MB - Virtual size: 3.7MB

.data
Size: 91KB - Virtual size: 169KB

.pdata
Size: 448KB - Virtual size: 447KB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 81KB - Virtual size: 84KB

.reloc
Size: 49KB - Virtual size: 49KB