Download_Ready_963872[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Download_Ready_963872.exe
Size

10.0MB
MD5

96358a64c1d04133631d5d62896261b4
SHA1

e4ba6b515a3f15658db073aa9d4dc8508f305384
SHA256

aa0f111db49ef59be6f4856176d2528c02f620ee1a9ae3cf7255991e90171719
SHA512

850ed2e44c73922ae476d148e9c75b55023ee5e325292616e399f1f7f760409dea612778c8c75e1f1a835163a36ba0947808735368d51e41018fd6507e3c56b6
SSDEEP

196608:xP1LsD7/2EWQDVH4vfa08akMaWrryb5jm984vuDWe3GUYS5ema9yX3jUVYcsg/dS:xPfa08akMaWN840vGUYS5ePsgqv+XeLV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Download_Ready_963872.exe

Files

Download_Ready_963872.exe
.exe windows:6 windows x86 arch:x86

4cd82646a22243cff5ecbe799345e108

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dwrite

DWriteCreateFactory

d2d1

ord1

kernel32

GetFileSize
GetConsoleMode
GetTimeFormatW
Sleep
GetCurrentThread
OutputDebugStringA
GetSystemTimeAsFileTime
GetFileType
WriteConsoleW
GetTimeZoneInformation
FlushFileBuffers
FindClose
GetTickCount64
InitializeCriticalSectionAndSpinCount
GetProcessHeap
LoadLibraryExW
ReleaseSRWLockExclusive
SetFilePointerEx
CloseHandle
FreeLibrary
GetEnvironmentStringsW
SetEnvironmentVariableA
GetFileSizeEx
ExitThread
GetTickCount
FreeLibraryAndExitThread
VerifyVersionInfoW
SetEndOfFile
AcquireSRWLockExclusive
GetCurrentProcessId
FindFirstFileExA
GetDriveTypeW
GetCommandLineA
WideCharToMultiByte
GetStdHandle
GetOEMCP
UnhandledExceptionFilter
TlsFree
GetProcAddress
GetModuleFileNameA
GetUserDefaultLCID
IsValidCodePage
GetCurrentProcess
QueryPerformanceFrequency
GetModuleHandleExW
ReadConsoleW
LoadLibraryW
GetDateFormatW
GetModuleFileNameW
MulDiv
InitializeSListHead
GetModuleHandleW
GetModuleHandleA
TerminateProcess
GetCPInfo
DeleteCriticalSection
HeapSize
GetLocaleInfoW
GetLastError
CreateEventW
FormatMessageW
SetUnhandledExceptionFilter
QueryPerformanceCounter
EncodePointer
LeaveCriticalSection
GetSystemDirectoryW
GetCurrentDirectoryW
GetFileAttributesExW
EnterCriticalSection
GetCurrentThreadId
RtlUnwind
IsValidLocale
CreateFileW
GetStringTypeW
TlsGetValue
FileTimeToSystemTime
DeleteFileW
SetStdHandle
WaitForMultipleObjects
DebugBreak
IsProcessorFeaturePresent
WaitForSingleObject
LocalFree
GetConsoleCP
MultiByteToWideChar
RaiseException
HeapFree
HeapReAlloc
LCMapStringW
ResetEvent
EnumSystemLocalesW
TlsSetValue
TlsAlloc
WaitForSingleObjectEx
FindNextFileA
GetStartupInfoW
HeapAlloc
CreateThread
LoadLibraryA
IsDebuggerPresent
OutputDebugStringW
GetEnvironmentVariableA
MoveFileExW
lstrlenA
SleepEx
WriteFile
lstrcatA
GetCommandLineW
PeekNamedPipe
GetFullPathNameW
ExitProcess
DecodePointer
SetEvent
ReadFile
InitializeCriticalSectionEx
FreeEnvironmentStringsW
VerSetConditionMask
SetLastError
SystemTimeToTzSpecificLocalTime
GetACP
CompareStringW

user32

CreateMenu
SetFocus
MapWindowPoints
SetCapture
TranslateMessage
EndPaint
UpdateWindow
GetDoubleClickTime
GetMessageW
wsprintfA
GetClassNameW
GetSystemMetrics
SetScrollInfo
PtInRect
KillTimer
RegisterClassW
GetWindowRect
SetTimer
GetClientRect
InvalidateRect
CreateWindowExW
GetMenuItemInfoW
DefWindowProcW
AdjustWindowRectEx
SendMessageW
UnregisterClassW
CreatePopupMenu
CallNextHookEx
SendMessageA
GetSysColor
GetScrollInfo
SetMenu
LoadCursorW
GetAncestor
DispatchMessageW
IsDialogMessageW
DestroyWindow
PostQuitMessage
LoadIconW
SetWindowsHookExW
GetActiveWindow
SetMenuItemInfoW
ReleaseDC
UnhookWindowsHookEx
BeginPaint
GetWindowLongW
EnableWindow
GetWindowTextW
IsChild
SetWindowTextW
GetDC
SetWindowPos
SystemParametersInfoW
ShowWindow
ReleaseCapture
GetKeyState
AppendMenuW
SetParent
ValidateRect
SetWindowLongW
GetUpdateRect
GetMessageTime

gdi32

BitBlt
DeleteDC
SetTextColor
GetTextExtentPoint32W
GetStockObject
CreatePatternBrush
GetDeviceCaps
DeleteObject
SetBrushOrgEx
CreateCompatibleDC
GetTextMetricsW
SelectObject
CreateFontIndirectW
CreateCompatibleBitmap
SetBkMode

advapi32

CloseServiceHandle
CryptAcquireContextW
CryptGetHashParam
CryptDestroyHash
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptReleaseContext
CryptEncrypt
CryptImportKey

ole32

CoInitialize
CoUninitialize
CoCreateInstance

bcrypt

BCryptGenRandom

Sections

.text
Size: 9.4MB - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cd82646a22243cff5ecbe799345e108

Headers

DLL Characteristics

File Characteristics

Imports

dwrite

d2d1

kernel32

user32

gdi32

advapi32

ole32

bcrypt

Sections

.text Size: 9.4MB - Virtual size: 9.4MB

.rdata Size: 286KB - Virtual size: 285KB

.data Size: 4KB - Virtual size: 8KB

.gfids Size: 1024B - Virtual size: 688B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 122KB - Virtual size: 122KB

.text
Size: 9.4MB - Virtual size: 9.4MB

.rdata
Size: 286KB - Virtual size: 285KB

.data
Size: 4KB - Virtual size: 8KB

.gfids
Size: 1024B - Virtual size: 688B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 122KB - Virtual size: 122KB