Static task: static1
Behavioral task: behavioral1 (Sample: sysprep.EXE.exe; Resource: win7-20220812-en)
Behavioral task: behavioral2 (Sample: sysprep.EXE.exe; Resource: win10v2004-20221111-en)
General
Target: sysprep.EXE.exe
Size: 456KB
MD5: c4902edd754b9c51d4ee1ee4df6a9d5a
SHA1: c9ef6324069f3f336a066a15225c02abb1ff93ba
SHA256: d93e7ac46397f1d6fa895fe081cc7c85ce460e4a4ce741d56d88bab60c42836f
SHA512: 134871c2bf1e2ed8f748f2ee7443c0a60ae1b3cd357b1a06774d92b844b5d1a9182564178eb8e80006025a961034253db10248451b04f91718f25c7556651cf6
SSDEEP: 6144:Nayi8U4MooP5Sc1LU6xMsW0jiQ/RUu+1cX97XQA1FwxDAbUvBV8hCTTN53Wy:0yPP7oP66xT+Q/RvIq2A4DAbU5VtTr
Malware Config
Signatures
Files
sysprep.EXE.exe.exe (windows) 64f8411142db260dbaa6bdab918f4623
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetHandleCount
SetLastError
SetNamedPipeHandleState
SetProcessWorkingSetSize
SetStdHandle
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForDebugEvent
WaitForMultipleObjects
SetFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
WaitNamedPipeW
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProcessMemory
WriteProfileStringA
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
SetFilePointerEx
SetFilePointer
SetFileAttributesA
SetEvent
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
SetCurrentDirectoryW
SetCurrentDirectoryA
RtlUnwind
RtlCaptureContext
ResumeThread
ResetEvent
RemoveDirectoryW
RemoveDirectoryA
ReleaseSemaphore
ReleaseMutex
RegisterWaitForSingleObject
ReadProcessMemory
ReadFile
RaiseException
WaitForMultipleObjectsEx
QueryPerformanceFrequency
QueryDosDeviceW
OutputDebugStringW
OutputDebugStringA
OpenThread
OpenProcess
OpenFile
MultiByteToWideChar
MulDiv
MoveFileExW
MoveFileExA
MoveFileA
MapViewOfFile
LockResource
LocalUnlock
LocalLock
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsWow64Process
IsValidLocale
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
IsDBCSLeadByte
IsBadReadPtr
IsBadCodePtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeSListHead
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetVolumePathNamesForVolumeNameW
GetVolumeInformationW
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetUserDefaultLangID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemTimes
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDirectoryA
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetStringTypeW
GetStringTypeExW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetShortPathNameW
GetShortPathNameA
GetProcessTimes
GetProcessId
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileIntA
GetOverlappedResult
GetOEMCP
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
GetLongPathNameW
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileTime
GetFileSizeEx
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetConsoleAliasExesLengthA
GetComputerNameW
GetComputerNameExW
GetCommandLineW
GetCommandLineA
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindVolumeClose
FindResourceW
FindResourceExW
FindResourceA
FindNextVolumeW
FindNextFileW
FindNextFileA
FindFirstVolumeW
FindFirstFileW
FindFirstFileExW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
EncodePointer
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DecodePointer
DebugActiveProcessStop
DebugActiveProcess
CreateThread
CreateSemaphoreW
CreateProcessW
CreateProcessA
CreateNamedPipeW
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
ContinueDebugEvent
ConnectNamedPipe
CompareStringW
CompareStringA
CloseHandle
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
user32
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
SetMenuItemInfoW
SetParent
SetPropA
SetPropW
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowContextHelpId
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowsHookExA
SetWindowsHookExW
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
ShowWindowAsync
SubtractRect
SystemParametersInfoA
SystemParametersInfoW
TabbedTextOutW
ToUnicodeEx
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
ValidateRect
WaitForInputIdle
WaitMessage
WinHelpA
WinHelpW
WindowFromPoint
wsprintfA
wsprintfW
wvsprintfW
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MoveWindow
MonitorFromWindow
MonitorFromPoint
ModifyMenuW
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
MapVirtualKeyExW
MapVirtualKeyA
MapDialogRect
LockWindowUpdate
LoadStringW
LoadStringA
LoadMenuW
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageW
LoadImageA
LoadIconW
LoadCursorW
LoadCursorFromFileW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsMenu
IsIconic
IsDlgButtonChecked
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharLowerW
IsCharAlphaW
IsCharAlphaNumericW
IsCharAlphaNumericA
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetWindow
GetUpdateRect
SetDlgItemTextW
GetTabbedTextExtentW
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetScrollBarInfo
GetPropW
GetPropA
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMonitorInfoW
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMessageA
GetMenuStringW
GetMenuStringA
GetMenuState
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetMenuContextHelpId
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetComboBoxInfo
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetClassInfoA
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumDisplaySettingsW
EnumDisplaySettingsA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDesktopWindows
EnumClipboardFormats
EnumChildWindows
EndTask
EndPaint
EndDialog
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawTextA
DrawStateW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyAcceleratorTable
DeleteMenu
DeferWindowPos
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
DefDlgProcW
DdeSetUserHandle
DdeFreeDataHandle
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIconIndirect
CreateIcon
CreateDialogParamW
CreateDialogIndirectParamW
CreateAcceleratorTableW
CountClipboardFormats
CopyRect
CopyImage
SetCursorPos
SetCursor
SetClipboardViewer
SetClipboardData
SetClassLongW
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageTimeoutA
SendMessageA
SendDlgItemMessageW
SendDlgItemMessageA
ScrollWindowEx
ScrollWindow
ScreenToClient
ReuseDDElParam
RemovePropW
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassW
RegisterClassExW
RegisterClassA
RedrawWindow
LoadIconA
IsCharUpperW
ActivateKeyboardLayout
RealChildWindowFromPoint
PtInRect
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
GetTopWindow
NotifyWinEvent
CopyIcon
CopyAcceleratorTableW
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharToOemBuffA
CharToOemA
CharNextW
CharNextA
CharLowerW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsW
CallWindowProcW
CallWindowProcA
CallNextHookEx
CallMsgFilterW
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AttachThreadInput
AppendMenuW
AnimateWindow
AllowSetForegroundWindow
AdjustWindowRectEx
AdjustWindowRect
GetSystemMenu
gdi32
GetLayout
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextAlign
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceA
GetTextMetricsW
GetViewportOrgEx
GetWinMetaFileBits
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineTo
MaskBlt
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
PatBlt
Pie
PlayEnhMetaFile
PolyBezier
PolyBezierTo
Polygon
Polyline
PtVisible
RealizePalette
RectVisible
Rectangle
GetEnhMetaFilePaletteEntries
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectBrushLocal
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBitmapBits
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetDIBitsToDevice
SetEnhMetaFileBits
SetLayout
SetMapMode
SetPaletteEntries
SetPixel
SetPixelV
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
TranslateCharsetInfo
UnrealizeObject
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetCurrentObject
GetClipBox
GetBrushOrgEx
GetBkColor
GetBitmapBits
GdiGetBatchLimit
GdiFlush
GdiEntry12
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
Escape
EnumFontsW
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePolyPolygonRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontW
CreateFontIndirectW
CreateFontIndirectA
CreateFontA
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyMetaFileW
CopyEnhMetaFileW
CombineRgn
CloseEnhMetaFile
Chord
BitBlt
ArcTo
Arc
ResizePalette
AbortDoc
AngleArc
advapi32
MakeSelfRelativeSD
RegQueryValueExA
AddAce
AllocateAndInitializeSid
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSidToSidW
CopySid
EqualSid
UnregisterTraceGuids
TraceEvent
SetTokenInformation
SetSecurityDescriptorSacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
SetNamedSecurityInfoW
RegisterTraceGuidsW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
RegOpenKeyW
MakeAbsoluteSD
IsValidSid
InitializeSid
InitializeSecurityDescriptor
InitializeAcl
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
GetSidSubAuthority
GetSidLengthRequired
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorLength
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
GetAce
FreeSid
shell32
ExtractIconExW
ShellHookProc
ShellExecuteW
ShellAboutA
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHIsFileAvailableOffline
SHInvokePrinterCommandW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetPathFromIDList
CheckEscapesW
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
Shell_NotifyIconA
SHAppBarMessage
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHGetFileInfoA
SHGetFolderPathW
ole32
CoCreateGuid
StringFromGUID2
shlwapi
PathAppendW
PathCanonicalizeW
PathIsRelativeW
PathRemoveExtensionW
PathRemoveFileSpecW
PathStripPathW
SHQueryValueExW
StrChrA
StrChrW
StrRChrIA
StrRChrIW
StrRStrIA
StrStrA
comctl32
CreateToolbarEx
ImageList_AddMasked
ImageList_Destroy
ImageList_Draw
ImageList_DrawEx
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_SetOverlayImage
InitCommonControlsEx
imm32
ImmAssociateContext
ImmDestroyContext
ImmDisableIME
ImmDisableTextFrameService
ImmEscapeW
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetConversionStatus
ImmGetGuideLineW
ImmGetIMEFileNameW
ImmGetOpenStatus
ImmGetProperty
ImmIsIME
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmSetConversionStatus
ImmSetOpenStatus
ImmSimulateHotKey
ImmCreateContext
Sections
.text Size: 352KB - Virtual size: 351KB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 74KB - Virtual size: 74KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ