Static task: static1
Behavioral task: behavioral1
Sample: 8c4d48d55beff471be5adf7d685b1211a1283e71d77b05aa4529d990000628bf.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 8c4d48d55beff471be5adf7d685b1211a1283e71d77b05aa4529d990000628bf.exe
Resource: win10v2004-20221111-en
General
Target: 8c4d48d55beff471be5adf7d685b1211a1283e71d77b05aa4529d990000628bf
Size: 4.0MB
MD5: eaf6514a3a9c46c00c121df60fde31bf
SHA1: 3f3bb8735721d656b6e768d8e68a119623278634
SHA256: 8c4d48d55beff471be5adf7d685b1211a1283e71d77b05aa4529d990000628bf
SHA512: 5c1b2c2a18237440b1aca501efc067d58850512b57146281e26163fa579cb52152f51e6b233eadb31129e6cf810af0176c1bfcd3abad0263823a5358c5104e6d
SSDEEP: 98304:2v/ZPhz3C3JSyobMIydOYpLO8qmOIhHiy:MbUobMIUzrqm1
Malware Config
Signatures
NSIS installer (1 IoCs)
resource: sample; yara_rule: nsis_installer_2
Files
8c4d48d55beff471be5adf7d685b1211a1283e71d77b05aa4529d990000628bf.exe (windows x86)
6680b0ed1c0e7d8544ee9dd2c7fb8c98
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentDirectoryA
GetDriveTypeA
GetTimeZoneInformation
CreateFileA
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
VirtualQuery
GetSystemInfo
VirtualAlloc
GetModuleFileNameA
ExitProcess
ExitThread
GetFileType
SetStdHandle
RaiseException
GetSystemTimeAsFileTime
IsBadReadPtr
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
FindResourceExW
WaitForMultipleObjects
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreW
GetCurrentDirectoryW
GetProfileIntW
VirtualProtect
GetVersionExW
ResetEvent
PulseEvent
FindNextFileW
LocalFileTimeToFileTime
GlobalFlags
GetModuleHandleA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SetErrorMode
InterlockedIncrement
InterlockedDecrement
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameW
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
WritePrivateProfileStringW
CompareStringA
InterlockedExchange
lstrcmpA
GetCurrentThread
GetLocaleInfoW
ConvertDefaultLocale
EnumResourceLanguagesW
CreateEventW
SetEvent
GetVersion
GetCurrentProcessId
LocalAlloc
GetShortPathNameW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
MoveFileW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetCurrentProcess
DuplicateHandle
GetHandleInformation
CompareStringW
LoadLibraryA
LoadLibraryW
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetProcAddress
GetVersionExA
GetThreadPriority
SetLastError
MulDiv
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
TerminateThread
SuspendThread
ResumeThread
SetThreadPriority
CreateThread
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
CreateMutexW
GetLocalTime
GetModuleHandleW
CreateProcessW
WaitForSingleObject
GetPrivateProfileStringW
GetPrivateProfileIntW
CloseHandle
GetModuleFileNameW
DeleteFileW
SetFileAttributesW
WideCharToMultiByte
FindResourceW
lstrlenW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
RtlUnwind
lstrlenA
user32
GetMenuContextHelpId
CheckMenuRadioItem
SystemParametersInfoW
CreateDialogIndirectParamW
EndDialog
GetClipboardFormatNameA
GetClipboardFormatNameW
GetKeyNameTextW
MapVirtualKeyW
SetRectEmpty
GetAsyncKeyState
CharNextW
CopyAcceleratorTableW
MessageBeep
DestroyIcon
UnregisterClassW
GetDialogBaseUnits
MsgWaitForMultipleObjects
InSendMessage
IsClipboardFormatAvailable
WaitMessage
IsRectEmpty
GetTabbedTextExtentA
PtInRect
SetRect
InflateRect
UnionRect
SubtractRect
DispatchMessageA
GetMessageA
IsWindowUnicode
PeekMessageA
UnregisterClassA
DrawTextExW
DrawTextW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateW
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
RegisterClipboardFormatW
PostQuitMessage
GetCursorPos
GetMessageW
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
TabbedTextOutW
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
UnpackDDElParam
ReuseDDElParam
DestroyMenu
ShowWindow
SetCursor
ReleaseCapture
TranslateAcceleratorW
LoadAcceleratorsW
IsWindowEnabled
GetWindowThreadProcessId
CharUpperW
RegisterWindowMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SendDlgItemMessageW
SendDlgItemMessageA
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpW
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetKeyState
DestroyWindow
GetDlgCtrlID
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
EnableMenuItem
GetMessagePos
SetMenuContextHelpId
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
OpenIcon
CloseWindow
LoadIconW
LoadCursorW
PostThreadMessageW
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowLongW
MapDialogRect
EnableWindow
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageW
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetTopWindow
GetWindow
FindWindowExW
FindWindowW
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExW
DlgDirSelectExW
DlgDirListComboBoxW
DlgDirListW
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
IsIconic
HiliteMenuItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
DragDetect
PostMessageW
IsWindow
SendMessageW
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
DispatchMessageW
PeekMessageW
TranslateMessage
CheckMenuItem
DeleteMenu
CreatePopupMenu
LoadMenuIndirectW
ModifyMenuW
InsertMenuItemW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuDefaultItem
SetWindowLongW
SetMenuDefaultItem
CreateMenu
ScrollDC
GrayStringW
GetMessageTime
GetTabbedTextExtentW
LoadMenuW
advapi32
RegSetValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
SetFileSecurityW
GetFileSecurityW
RegCreateKeyW
SetThreadToken
RevertToSelf
OpenThreadToken
RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
shell32
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
comctl32
InitCommonControlsEx
shlwapi
PathRemoveExtensionW
PathFindExtensionW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIInsertObjectW
OleUIConvertW
OleUIChangeIconW
OleUIEditLinksW
OleUIUpdateLinksW
OleUIPasteSpecialW
OleUIBusyW
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
wininet
GopherGetAttributeW
GopherCreateLocatorW
FtpGetFileW
FtpPutFileW
FtpCommandW
FtpOpenFileW
FtpGetCurrentDirectoryW
HttpOpenRequestW
InternetErrorDlg
HttpAddRequestHeadersW
HttpSendRequestW
GopherGetLocatorTypeW
InternetGetLastResponseInfoW
GopherFindFirstFileW
InternetFindNextFileW
FtpFindFirstFileW
HttpQueryInfoW
HttpSendRequestExW
HttpEndRequestW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetSetOptionExW
InternetSetStatusCallbackW
InternetSetCookieW
InternetGetCookieW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectW
FtpDeleteFileW
FtpRenameFileW
FtpCreateDirectoryW
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
GopherOpenFileW
gdi32
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
UpdateColors
GetDeviceCaps
GetDCOrgEx
GetClipBox
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateCompatibleDC
SetTextColor
SetBkColor
GetObjectW
CreateDCW
RealizePalette
CreateMetaFileW
CloseMetaFile
CreateICW
CloseEnhMetaFile
ExtTextOutW
CreateBitmap
DeleteDC
GetStockObject
UnrealizeObject
GetObjectType
CreatePen
CreatePenIndirect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreateFontIndirectW
CreateFontW
CreateBitmapIndirect
SetBitmapBits
GetBitmapBits
SetBitmapDimensionEx
GetBitmapDimensionEx
CreateCompatibleBitmap
CreateDiscardableBitmap
CreatePalette
CreateHalftonePalette
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateEnhMetaFileW
CopyMetaFileW
DeleteMetaFile
EnumFontFamiliesExW
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutW
GetTextExtentPoint32W
GetTextAlign
GetTextFaceW
GetTextMetricsW
GetTextCharacterExtra
GetCharWidthW
GetFontLanguageInfo
GetCharacterPlacementW
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCW
GetOutlineTextMetricsW
GetCharABCWidthsW
GetFontData
GetKerningPairsW
GetGlyphOutlineW
StartDocW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatW
GetCharWidthFloatW
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
CreateRoundRectRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
winspool.drv
ClosePrinter
OpenPrinterW
GetJobW
DocumentPropertiesW
comdlg32
GetFileTitleW
ole32
CreateStreamOnHGlobal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
StgOpenStorageOnILockBytes
WriteClassStm
OleSaveToStream
OleIsRunning
OleQueryCreateFromData
OleQueryLinkFromData
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
GetClassFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
CreateGenericComposite
GetRunningObjectTable
CoLockObjectExternal
CoReleaseMarshalData
CoMarshalInterface
CoUnmarshalInterface
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CoRegisterMessageFilter
CoDisconnectObject
StringFromGUID2
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
OleDestroyMenuDescriptor
OleDuplicateData
CoTaskMemFree
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
CreateFileMoniker
CreateItemMoniker
OleRun
CreateILockBytesOnHGlobal
IsAccelerator
StgCreateDocfileOnILockBytes
ReadFmtUserTypeStg
OleGetIconOfClass
oleaut32
VariantChangeType
VariantInit
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
VariantClear
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
SysStringLen
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 844KB - Virtual size: 840KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ