VC[.]rar | Triage

Resubmissions

12-01-2025 19:10

250112-xvm37svnas 7

12-01-2025 18:50

250112-xgz6lswrhn 8

Sharing

Copy URL

Twitter E-mail

General

Target

VC.rar
Size

995.6MB
MD5

3ece731d79f14c5efddbbdd2a1d9026e
SHA1

3c1664392576e829d945a539b93847a173c7f1d1
SHA256

a8dc4a2757eea918ceccfdad51a7482a05792405f2db3d7185963082099c83ae
SHA512

082a74a8998a84cac2ef7b7b0148f3732f784c1577b31d554c5a3d341a34c25334d2890f768286d3bc9a79fbc6dd6dbc4c32ee899bd020c9b84f03e9d1f2f3e5
SSDEEP

25165824:qNuPekzhXEZ1TFELUPNbR3lLkG1XF3zByOKWtcjiJtyxc:qN0hX0HvPL13zIwty6

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/autorun.exe
unpack001/data/fargus.scr

Files

VC.rar
.rar
Autorun.inf
Setup.exe
.exe windows:4 windows x86 arch:x86

a1cc3ebca20750fea9a269fc4e1bb288

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerInstallFileA

kernel32

GetModuleHandleA
GetCommandLineA
AddAtomA
lstrcpyA
GetStartupInfoA
ExitProcess
LockResource
SetErrorMode
LocalFree
FormatMessageA
CreateProcessA
LoadResource
FindResourceA
OpenEventA
FindResourceExA
DeleteFileA
SetEvent
CreateDirectoryA
lstrcpynA
lstrlenA
lstrcatA
lstrcmpiA
GetLastError
GetFileAttributesA
SetFileAttributesA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
GetTempFileNameA
RemoveDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GetPrivateProfileStringA
GetUserDefaultLangID
GetModuleFileNameA
RtlUnwind
GetAtomNameA
lstrlenW
Sleep
CloseHandle
WaitForSingleObject
WideCharToMultiByte
GetShortPathNameA
CreateFileA
CopyFileA
GetTempPathA

user32

GetDC
ReleaseDC
LoadImageA
CreateDialogParamA
EndPaint
MessageBoxA
GetWindowLongA
EndDialog
BeginPaint
TranslateMessage
SetWindowLongA
DialogBoxIndirectParamA
DestroyWindow
CreateDialogIndirectParamA
SetDlgItemTextA
GetClientRect
GetWindowRect
MoveWindow
CharLowerA
wsprintfA
PeekMessageA
IsDialogMessageA
GetDlgItem
DispatchMessageA
SendMessageA
CharUpperA
CharNextA
GetDesktopWindow

gdi32

BitBlt
UnrealizeObject
GetDeviceCaps
CreateHalftonePalette
GetObjectA
GetSystemPaletteEntries
GetDIBColorTable
CreatePalette
SelectPalette
RealizePalette
CreateCompatibleDC
DeleteDC
SelectObject

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

ole32

CoInitialize
CoFreeAllLibraries
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
VariantClear
SafeArrayGetElement
SysStringLen
SafeArrayGetLBound
SafeArrayGetUBound

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.ini
autorun.exe
.exe windows:4 windows x86 arch:x86

1f76da24b7ca85b712f493dbcbe3117e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetShortPathNameA
lstrcmpiA
CopyFileA
lstrlenA
lstrcatA
GetWindowsDirectoryA
lstrcpyA
TerminateProcess
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
ReadFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
LCMapStringW
CreateProcessA
LCMapStringA
SetEndOfFile
SetFilePointer
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
VirtualFree
WideCharToMultiByte
GetEnvironmentStrings
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapDestroy
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapCreate

user32

GetMessageA
ReleaseDC
GetDC
GetDesktopWindow
SetWindowTextA
MoveWindow
GetClientRect
UpdateWindow
InvalidateRect
SetWindowLongA
PtInRect
ScreenToClient
ShowWindow
EndDialog
SystemParametersInfoA
EndPaint
BeginPaint
LoadImageA
GetCursorPos
SetCapture
DialogBoxParamA
SendMessageA

gdi32

CombineRgn
PtInRegion
DeleteDC
CreateHalftonePalette
CreateDIBSection
RealizePalette
SelectPalette
GetDeviceCaps
DeleteObject
CreateRectRgn
SelectObject
GetObjectA
CreateCompatibleDC
BitBlt

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
data/fargus.bmp
data/fargus.scr
.exe windows:4 windows x86 arch:x86

2ec89c7300d638a3705edd7580ea2643

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetCommandLineA
FreeEnvironmentStringsW
WideCharToMultiByte
SetLastError
TlsGetValue
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
UnhandledExceptionFilter
GetVersionExA
Sleep
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
ExitProcess
GetStartupInfoA
lstrlenA
RtlUnwind
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
WriteFile
VirtualFree
GetLastError
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsA
HeapCreate
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy

user32

GetDesktopWindow
SetTimer
LoadImageA
SetWindowTextA
SetWindowRgn
MoveWindow
GetClientRect
UpdateWindow
InvalidateRect
SetWindowLongA
PtInRect
ScreenToClient
EndDialog
EndPaint
BeginPaint
GetCursorPos
SetCapture
SendMessageA
GetMessageA
GetWindowLongA
SetRect
GetForegroundWindow
IsWindow
SystemParametersInfoA
DefWindowProcA
SetCursor
PostMessageA
GetParent
PostQuitMessage
DispatchMessageA
TranslateMessage
CreateWindowExA
RegisterClassA
RegisterWindowMessageA
SetForegroundWindow
FindWindowA
LoadIconA
DialogBoxParamA
PeekMessageA
CharNextA
GetDC
ReleaseDC

gdi32

GetClipBox
CreateRectRgn
CreateCompatibleDC
GetObjectA
GetStockObject
Rectangle
CreatePen
CreateSolidBrush
OffsetRgn
SelectClipRgn
CreateEllipticRgn
SetBkMode
CombineRgn
PtInRegion
BitBlt
TextOutA
SelectObject
GetTextExtentPointA
SetTextColor
DeleteObject
CreateDIBSection
CreateFontA
CreatePolygonRgn
DeleteDC
CreateHalftonePalette
GetDeviceCaps
RealizePalette
SelectPalette

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
data1.cab
data1.hdr
data2.cab
data3.cab
ikernel.ex_
layout.bin
settings
setup.inx

Resubmissions

Sharing

General

Malware Config

Signatures

Files

a1cc3ebca20750fea9a269fc4e1bb288

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 107KB - Virtual size: 106KB

1f76da24b7ca85b712f493dbcbe3117e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 172KB - Virtual size: 169KB

2ec89c7300d638a3705edd7580ea2643

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 107KB - Virtual size: 106KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 172KB - Virtual size: 169KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB