Antipain[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Antipain.zip
Size

20KB
MD5

5b8eefaa85310b75285ed72e45a3ef9a
SHA1

14529b6822091dcd04588c9aace5bb6df25483a9
SHA256

0d34485c251981662ec9ead0b9fbb176d1fda31ba01bfdef533294a766468b84
SHA512

09ae23ce6d2c5a5926afff6db27367d8ea5753b1713d196ab64dea801f2559f3a11b90d725670bec02e05545eb95bc714e1be6b4830ce765059b21ca3e8ff1a7
SSDEEP

384:ouQOObbZ5SJsoQlMgafgL1QD+pTFhmA5DhaqyRvFizw38YBx3fj:oTbbZ5poQD8s1QCpTrDAqEFd3dBxPj

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Antipain-safety.exe
unpack001/Antipain.exe

Files

Antipain.zip
.zip
Antipain-safety.exe
.exe windows:6 windows x86 arch:x86

ab7c106b0943fe0e86ed6d51c54d55fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Marlon2210\source\repos\TrojanCreator\Release\TrojanCreator.pdb

Imports

kernel32

GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetTickCount
ExitProcess
CreateThread
CloseHandle
TerminateThread
Sleep
VirtualAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW

user32

GetWindowRect
ReleaseDC
GetDC
MessageBoxW
GetSystemMetrics
GetWindowDC
GetDesktopWindow
InvalidateRect

gdi32

CreateEllipticRgn
BitBlt
Pie
SelectObject
CreateCompatibleDC
PatBlt
StretchBlt
PlgBlt
GetBitmapBits
TextOutW
SetTextColor
SetBitmapBits
SelectClipRgn
SetBkColor
SetStretchBltMode
DeleteObject
CreateSolidBrush
CreateBitmap

winmm

waveOutWrite
waveOutClose
waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader

vcruntime140

_except_handler4_common
memset
__current_exception_context
__current_exception

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_seh_filter_exe
_controlfp_s
terminate
_set_app_type
_register_thread_local_exe_atexit_callback
_cexit
_configure_narrow_argv
_c_exit
_crt_atexit
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_initialize_narrow_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Antipain.exe
.exe windows:6 windows x86 arch:x86

43263d989ed922622bd4a9b15ee31af1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Marlon2210\source\repos\TrojanCreator\Release\TrojanCreator.pdb

Imports

kernel32

IsProcessorFeaturePresent
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetTickCount
ExitProcess
GetProcAddress
CreateThread
LoadLibraryW
CloseHandle
TerminateThread
Sleep
CreateFileW
VirtualAlloc
TerminateProcess
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW

user32

GetWindowRect
ReleaseDC
GetDC
MessageBoxW
GetSystemMetrics
GetWindowDC
GetDesktopWindow
InvalidateRect

gdi32

BitBlt
Pie
SelectObject
CreateCompatibleDC
PatBlt
StretchBlt
PlgBlt
GetBitmapBits
TextOutW
SetTextColor
SetBitmapBits
SelectClipRgn
SetBkColor
SetStretchBltMode
DeleteObject
CreateSolidBrush
CreateEllipticRgn
CreateBitmap

winmm

waveOutWrite
waveOutClose
waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader

vcruntime140

_except_handler4_common
memset
__current_exception_context
__current_exception

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
_controlfp_s
terminate
_exit
_set_app_type
_cexit
system
_register_thread_local_exe_atexit_callback
_c_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReadMe.txt

Sharing

General

Malware Config

Signatures

Files

ab7c106b0943fe0e86ed6d51c54d55fc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 980B

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 1024B - Virtual size: 792B

43263d989ed922622bd4a9b15ee31af1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 980B

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 980B

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 1024B - Virtual size: 792B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 980B

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 1024B - Virtual size: 828B