Static task: static1
Behavioral task: behavioral1
  Sample: ed97cf996bda070de3b7fa1e75b762b1.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: ed97cf996bda070de3b7fa1e75b762b1.exe
  Resource: win10v2004-20230220-en
General
Target: ed97cf996bda070de3b7fa1e75b762b1.bin
Size: 1.7MB
MD5: ed97cf996bda070de3b7fa1e75b762b1
SHA1: 76e1d9f13c9fa166fdf55dec2b2ff7360ead304a
SHA256: 245e26334397094583014e5b9c55ef07d5e97594a2076bfb5ab76edc952bd313
SHA512: 23debd26a7268e4d2d5f9233798ff3a20c6f2d93c681b8901ea929355ee68f47e931efe516aa3e70ccad43fcf84cde44728a79452a39f54712cbaa278108b3d4
SSDEEP: 49152:PKZj3uw8bpQjcYjirAWonWlI4wARebvI1Y3I:SZruHQjcYDWLwCej73
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: ed97cf996bda070de3b7fa1e75b762b1.bin
Files
-
ed97cf996bda070de3b7fa1e75b762b1.bin.exe windows x64
03810a903d409bdef41f488285d6a7ed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetThreadLocale
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetTickCount
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetStringTypeW
GetTimeZoneInformation
MoveFileExW
GetFileAttributesExW
GetFileType
LCMapStringW
CompareStringW
GetStdHandle
HeapQueryInformation
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetVolumeInformationA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FormatMessageA
LocalFree
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
FindResourceA
GlobalUnlock
FreeResource
GlobalAddAtomA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalLock
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetCurrentThread
GetCurrentThreadId
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
CreateEventA
GetProcAddress
ResetEvent
CreateThread
LoadLibraryA
WaitForSingleObject
GetTempFileNameA
ExitProcess
CloseHandle
GlobalFree
GlobalAlloc
GetVersionExA
CreateFileA
GetTempPathA
FindClose
GetEnvironmentVariableA
FindNextFileA
WriteFile
FindFirstFileA
GetModuleFileNameA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
HeapFree
user32
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollPos
GetDC
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
SetTimer
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
UnregisterClassA
EnableWindow
IsIconic
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetDesktopWindow
GetWindowDC
ReleaseDC
ClientToScreen
SetActiveWindow
GetNextDlgTabItem
RedrawWindow
GetClientRect
SendMessageA
LoadIconW
DrawIcon
GetSystemMetrics
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
PostMessageA
PostQuitMessage
SetCursor
IsWindowEnabled
MessageBoxA
GetWindowLongA
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
KillTimer
InvalidateRect
SetCapture
RealChildWindowFromPoint
ReleaseCapture
PostThreadMessageA
RegisterClipboardFormatA
DestroyMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
EndDeferWindowPos
LoadCursorA
GetSysColorBrush
gdi32
GetDeviceCaps
GetStockObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetMapMode
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetClipBox
Escape
DeleteObject
GetObjectA
SetTextColor
SetBkColor
DeleteDC
CreateBitmap
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegQueryValueA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
ole32
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
OleInitialize
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
VariantCopy
SysStringLen
oledlg
ord8
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 311KB - Virtual size: 310KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 135KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ