General
Target: 876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b.7z
Size: 511KB
MD5: dc2e5836a983b72879a305238c74c6ad
SHA1: 6a7985b1f75c91b293a45430738d405576a99dde
SHA256: 7917dc11a225990069364b7e1fb64f9a7f4510c3cf0cf0a097ef4295eba452dd
SHA512: a74a5f50c684b86ad7f2a6df4806b0297769b43a6daa1cc2b463144f6bd34b55ee9be08f12b471943698449018fae7e508ca380b12e10d42edca7629019227c0
SSDEEP: 12288:C2U9TAVFGqvD61k/VhTNZcVU6ceMHQrJMs42aHV3IhG2p4G:CFcVxncqeMwioY4hG2pz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b
Files
876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b.7z.7z
Password: infected
876511719fda2fab0438ad29f9cc2f8fd684c1897a88d433f7e9c3f2e85eac0b.exe windows:4 windows x86 arch:x86
Password: infected
f2bb1e317bf94103a5c5115cd3e55303
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetOpenFileNameW
CommDlgExtendedError
ReplaceTextW
GetFileTitleW
ChooseFontW
GetSaveFileNameW
comctl32
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_DragShowNolock
kernel32
SetStdHandle
WriteConsoleA
CreateFileA
GetConsoleOutputCP
WriteConsoleW
TlsSetValue
GetWindowsDirectoryW
SetSystemPowerState
VirtualProtect
LoadResource
CreateFileW
InitializeCriticalSection
FormatMessageW
SetTapeParameters
GetSystemTime
GetVersionExW
GetModuleHandleW
OpenProcess
GetProcessHeap
QueryPerformanceCounter
ExpandEnvironmentStringsW
GetDateFormatW
RemoveDirectoryW
TlsGetValue
GetSystemTimeAsFileTime
EnterCriticalSection
TlsAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetVersionExA
HeapAlloc
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetModuleHandleA
GetProcAddress
TlsFree
SetLastError
GetCurrentThreadId
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
CompareStringA
CompareStringW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
Sections
.text Size: 418KB - Virtual size: 417KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 299KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE