Static task
static1
Behavioral task
behavioral1
Sample
4392a9f34c6095585aa1ef16c748b8c58f660560353c8599da296d2bed6e4c58.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4392a9f34c6095585aa1ef16c748b8c58f660560353c8599da296d2bed6e4c58.exe
Resource
win10v2004-20220812-en
General
-
Target
4392a9f34c6095585aa1ef16c748b8c58f660560353c8599da296d2bed6e4c58
-
Size
109KB
-
MD5
783d3348e7d544578f040e6a0c2f8c25
-
SHA1
dbccb384420bbac99fdf36df68377938eca98f40
-
SHA256
4392a9f34c6095585aa1ef16c748b8c58f660560353c8599da296d2bed6e4c58
-
SHA512
9d4b0779ef496579fc92adc1ac98e0b9bfd5d8ca9e1269c2dcb2ebf23478fef21459bf45b39bf9c32e3cd38be086f3cd4f1b0aff8dbdee7b9ea5e0324a2feecc
-
SSDEEP
3072:NCUs6nNx6HyLZkATUoiuz152pFMAdDtsr:NCEoyLZkA4oTSpFMcur
Malware Config (no extracted configuration is shown in this extract)
Signatures (no signature hits are shown in this extract; an empty signature list is not evidence that the sample is benign — check the two behavioral tasks above, which run the same file on Windows 7 and Windows 10)
Files
-
4392a9f34c6095585aa1ef16c748b8c58f660560353c8599da296d2bed6e4c58.exe windows x86
4ce99d5f03f32b13eaa5e08baf64a7fd (32-hex value the report attaches to this file; it differs from the file MD5 given in the General section, so it is presumably the import hash (imphash) — confirm against the report's own field label before using it for pivoting)
Code Sign
Certificate
  Unlabeled 16-byte value printed before the Certificate block (likely the certificate serial number): 6d:bf:22:f9:41:d4:17:bb:44:54:f1:5a:f4:b9:f0:7c
  Issuer: CN=Root Agency
  Not Before: 28-09-2011 20:05
  Not After: 31-12-2039 23:59
  Subject: CN=Joe's-Software-Emporium
  Unlabeled 20-byte value printed after the Subject (same value as the Actual PE Digest below): c4:d2:50:0a:00:79:74:32:35:2d:76:ec:ee:f9:e0:44:4a:37:26:98
Signer
  Actual PE Digest: c4:d2:50:0a:00:79:74:32:35:2d:76:ec:ee:f9:e0:44:4a:37:26:98
  Digest Algorithm: sha1
  PE Digest Matches: false
Signature Validations
  Trusted: false
Verification
  Signing Certificate: CN=Joe's-Software-Emporium (checked 15-09-2022 14:52) — Valid: false
Reviewer note: the issuer "Root Agency" and subject "Joe's-Software-Emporium" are the well-known placeholder names produced by Microsoft's SDK test-certificate tooling (makecert/signtool samples), not a publicly trusted CA or a real publisher. The chain is untrusted, the digest algorithm is SHA-1, the report says the PE digest does not match, and both Trusted and Valid are false. Treat the signature as carrying no provenance information in either direction: it does not vouch for the file, and the identity strings are not usable for attribution. The report shows the same 20-byte value for the unlabeled certificate field and for "Actual PE Digest" while still reporting "PE Digest Matches: false"; this looks like a rendering/extraction quirk and should not be read as evidence either way.
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (the image carries no base relocations, so the loader cannot rebase it: it must load at its preferred image base and ASLR cannot be applied to it)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
opengl32
glNormal3f
glPopAttrib
glPopName
glVertex4d
glPointSize
glVertex2fv
glGetMaterialfv
glIndexsv
glTranslated
glMapGrid2f
glMapGrid2d
glReadBuffer
glMapGrid1d
glNormalPointer
glViewport
glMapGrid1f
glScissor
glTexEnvf
glTranslatef
glTexGeni
glLoadIdentity
glScalef
glTexGend
glRotatef
glTexEnvi
glDepthMask
glLightiv
glRectiv
glNormal3d
glEvalCoord2f
glMaterialfv
glGetFloatv
glTexCoord1dv
glTexCoord3iv
glTexCoord2s
glPushMatrix
glRects
glGetLightfv
glMaterialiv
glGetError
glBitmap
glLightModelf
glScaled
glu32
gluNewQuadric
gluDisk
gluBeginSurface
gluTessBeginContour
gluBuild1DMipmaps
gluTessVertex
gluScaleImage
gluPartialDisk
gluEndSurface
gluTessNormal
gluNewNurbsRenderer
gluTessEndPolygon
gluUnProject
gluDeleteTess
gluDeleteNurbsRenderer
gluErrorString
gluDeleteQuadric
gluNurbsSurface
gluSphere
gluGetTessProperty
ole32
CoLoadLibrary
OleDoAutoConvert
CoTreatAsClass
CoGetClassObject
CoFileTimeToDosDateTime
CoMarshalHresult
OleGetIconOfClass
OleRegGetMiscStatus
CreateDataAdviseHolder
OleSetAutoConvert
GetClassFile
CreateBindCtx
CoGetTreatAsClass
StringFromIID
CoGetObject
CreateFileMoniker
GetRunningObjectTable
CoReleaseServerProcess
CoGetMalloc
CoTaskMemAlloc
CoRegisterPSClsid
CreateClassMoniker
CoGetStdMarshalEx
CoDisconnectObject
CreateItemMoniker
CoGetPSClsid
CoResumeClassObjects
CoCreateGuid
CreateAntiMoniker
comctl32
InitCommonControlsEx
ord8
CreateToolbarEx
UninitializeFlatSB
ord15
DrawStatusTextW
ord16
CreateStatusWindowW
ord2
ord4
ord17
ord6
DestroyPropertySheetPage
PropertySheetA
ord3
ord5
ord13
urlmon
CreateAsyncBindCtx
shlwapi
StrRStrIW
StrRChrW
StrChrW
StrCSpnA
StrCSpnW
StrChrIW
StrCmpNA
StrStrA
StrChrA
StrToIntA
msvcrt
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__getmainargs
_except_handler3
_controlfp
_acmdln
exit
_XcptFilter
_exit
__set_app_type
kernel32
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
GetStartupInfoA
Reviewer note: the kernel32 import set is just VirtualAlloc, GetProcAddress and GetModuleHandleA plus process startup/exit, which is the minimum needed to allocate memory and resolve further APIs by name at run time. Combined with the long opengl32/glu32/ole32/comctl32/shlwapi lists above, this is a pattern consistent with a decoy or padded import table; the static imports therefore should not be used to judge what the program actually does — rely on the behavioral tasks for that. This is an inference from the import table only and is not confirmed by anything else on this page.
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 90KB - Virtual size: 157KB (the virtual size exceeds the raw size by roughly 67KB, i.e. the section has a zero-initialized tail that exists only in memory; it is readable and writable but not marked executable, so any run-time unpacking into it would need a separate executable mapping — e.g. via the imported VirtualAlloc — to run; this is an observation about layout, not evidence that unpacking occurs)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE