Static task: static1
Behavioral task: behavioral1
Sample: 4354b5901432aab9db0d1a024b4aafd7.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 4354b5901432aab9db0d1a024b4aafd7.dll
Resource: win10v2004-20230220-en
General
Target: 4354b5901432aab9db0d1a024b4aafd7
Size: 480KB
MD5: 4354b5901432aab9db0d1a024b4aafd7
SHA1: 501ca01ef814c0dba803cd983927c6dbfff04690
SHA256: 32ecf4e08b1bfe1e02df5eaf34d473a7435b22e8b255f1452d3173da5dd8b737
SHA512: f2726bc3b32235df108646a9b2da1dad5fbb85474f0ec3b18a41ed8f0fdea06891b740368b197ccc105e8bee0e275d97385ecdae98923f585392d3d703dae51c
SSDEEP: 12288:D64g2ffSelmmf5sOS77ttEusQb+4uJemrQeLvIp8ZugLeRme3OhYjD:D6D2f0tPsQLKjLS
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 4354b5901432aab9db0d1a024b4aafd7
Files
4354b5901432aab9db0d1a024b4aafd7.dll windows x86
1fe1399c1605bb1bb1793b721631fd19
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TransmitCommChar
WriteTapemark
FileTimeToDosDateTime
lstrcpyA
lstrlenA
CreateSemaphoreA
CreateFileMappingNumaA
WriteProfileSectionW
GetPrivateProfileIntW
GetFullPathNameTransactedA
QueryDosDeviceA
GetCompressedFileSizeTransactedW
DeleteFileTransactedA
CopyFileExA
CreateNamedPipeA
GetFileBandwidthReservation
ReadDirectoryChangesW
CommConfigDialogW
FindFirstVolumeA
DeleteVolumeMountPointA
UnregisterApplicationRecoveryCallback
UnregisterApplicationRestart
CreateSymbolicLinkTransactedA
LCMapStringA
GetThreadLocale
GetUserPreferredUILanguages
GetNumberFormatEx
LCMapStringEx
CreateDirectoryW
GetLogicalDrives
GetLongPathNameW
InterlockedPushEntrySList
GlobalMemoryStatus
SetProcessWorkingSetSize
SetCommBreak
CreateMailslotW
EndUpdateResourceA
GlobalFindAtomA
AddAtomA
FindAtomA
WriteProfileStringW
CopyFileTransactedA
IsBadStringPtrA
MapUserPhysicalPagesScatter
ZombifyActCtx
GetLocaleInfoW
GetSystemDefaultLangID
SetConsoleCP
EnterCriticalSection
LeaveCriticalSection
ConvertFiberToThread
FindClose
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
DecodePointer
WriteConsoleW
HeapSize
SetStdHandle
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
CompareStringW
GetConsoleCP
WriteFile
GetConsoleMode
SetFilePointerEx
GetStdHandle
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
RtlUnwind
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DeleteAtom
GetSystemDirectoryW
SetEndOfFile
QueryDosDeviceW
GetFullPathNameW
GetFinalPathNameByHandleA
AddConsoleAliasW
EnumSystemCodePagesW
EnumSystemCodePagesA
EnumUILanguagesW
GetFileMUIPath
SetThreadLocale
GetSystemDefaultUILanguage
GetUserGeoID
GetNumberFormatW
LCMapStringW
GetACP
ReleaseActCtx
GetVolumeNameForVolumeMountPointA
FindNextVolumeMountPointW
FileTimeToSystemTime
UnregisterWait
CommConfigDialogA
GetNamedPipeServerProcessId
GetNamedPipeClientSessionId
CreateHardLinkW
CopyFileW
CheckNameLegalDOS8Dot3A
GetCompressedFileSizeTransactedA
CreateDirectoryExW
GetProfileSectionA
FindResourceA
GetLogicalDriveStringsA
_lread
lstrcpynA
lstrcmpA
GetMailslotInfo
SetTapeParameters
SetTapePosition
SetCommMask
GetCommState
GetCommProperties
GetCommConfig
SetupComm
SetFileShortNameA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
Beep
AreFileApisANSI
SetFileAttributesA
ReadFileScatter
ReadFile
GetVolumePathNameW
GetLogicalDriveStringsW
FindNextFileW
FindFirstFileW
GetEnvironmentVariableW
DisableThreadLibraryCalls
TerminateThread
CreateThread
SetErrorMode
EnumSystemLocalesEx
GetStringScripts
EnumSystemLanguageGroupsW
ConvertDefaultLocale
SetCalendarInfoA
GetLocaleInfoA
GetNamedPipeServerSessionId
MoveFileW
EnumResourceLanguagesA
GetLongPathNameTransactedW
GetModuleHandleW
GetNativeSystemInfo
GetCalendarInfoEx
GlobalFree
SetThreadAffinityMask
GetProcAddress
GetModuleHandleA
SetFileValidData
GetFileType
VerifyScripts
GetFileMUIInfo
IsValidLocale
EnumCalendarInfoW
EnumCalendarInfoA
SetCalendarInfoW
GetCPInfoExW
QueryActCtxSettingsW
GetApplicationRecoveryCallback
FindActCtxSectionStringA
SetVolumeMountPointW
FindFirstVolumeMountPointW
OpenPrivateNamespaceA
SetDefaultCommConfigA
BuildCommDCBAndTimeoutsA
WaitNamedPipeA
GetNamedPipeHandleStateA
FindFirstFileNameTransactedW
CreateHardLinkTransactedW
MoveFileTransactedA
DefineDosDeviceA
RemoveDirectoryTransactedW
RemoveDirectoryTransactedA
CreateDirectoryExA
SetDllDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetProfileSectionW
GetProfileIntA
GetAtomNameA
GlobalGetAtomNameW
GlobalAddAtomW
SetFirmwareEnvironmentVariableA
GetFirmwareEnvironmentVariableA
_lopen
lstrcatA
lstrcpyW
GetCommMask
SetFileShortNameW
SetFileCompletionNotificationModes
CreateFiberEx
GetLongPathNameTransactedA
GetShortPathNameA
LocalLock
GlobalLock
DeleteBoundaryDescriptor
EnumResourceLanguagesExW
AssignProcessToJobObject
GetSystemWindowsDirectoryW
GetWindowsDirectoryW
GetSystemDirectoryA
GlobalMemoryStatusEx
GetLastError
DecodeSystemPointer
FindFirstFileNameW
SetFilePointer
GetLongPathNameA
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
FlushFileBuffers
FindNextChangeNotification
FindCloseChangeNotification
DeleteVolumeMountPointW
CreateFileW
CreateFileA
EnumTimeFormatsEx
FindNLSStringEx
GetSystemDefaultLocaleName
GetLocaleInfoEx
EnumSystemLanguageGroupsA
GetUILanguageInfo
SetLocaleInfoA
GetCPInfoExA
WideCharToMultiByte
MultiByteToWideChar
CreateSymbolicLinkA
OpenFileById
ApplicationRecoveryFinished
GetApplicationRestartSettings
GetNumaNodeProcessorMask
CreateActCtxW
GetVolumePathNamesForVolumeNameA
FindVolumeMountPointClose
FindFirstVolumeMountPointA
DnsHostnameToComputerNameA
BuildCommDCBW
SetFileBandwidthReservation
CallNamedPipeA
CreateHardLinkA
MoveFileExW
CopyFileTransactedW
CopyFileExW
CheckNameLegalDOS8Dot3W
GetFullPathNameTransactedW
GetPrivateProfileStructW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionW
WritePrivateProfileStringA
GetAtomNameW
GlobalFindAtomW
EndUpdateResourceW
UpdateResourceA
GetStartupInfoA
OpenFile
lstrlenW
lstrcmpiW
SetMailslotInfo
FormatMessageW
GetTapeParameters
SetCommConfig
ClearCommBreak
DebugBreakProcess
DebugSetProcessKillOnExit
SetProcessAffinityMask
GlobalUnlock
GlobalAlloc
ClosePrivateNamespace
EnumResourceNamesExA
EnumResourceLanguagesExA
GetSystemFirmwareTable
EnumSystemFirmwareTables
GetProductInfo
GetLogicalProcessorInformation
TerminateProcess
QueryDepthSList
InterlockedFlushSList
Sleep
PeekNamedPipe
CreatePipe
CloseHandle
SetFileApisToOEM
GetTempPathA
GetCompressedFileSizeW
SetFileIoOverlappedRange
UnlockFile
SetFileAttributesW
LockFile
GetFileAttributesW
FindFirstFileA
DeleteFileA
InitializeCriticalSection
DefineDosDeviceW
user32
ShutdownBlockReasonQuery
GetListBoxInfo
GetWindowModuleFileNameW
UnhookWinEvent
DlgDirSelectExA
IsDialogMessageA
LoadBitmapW
GetClassLongA
SetClassWord
SetRect
FrameRect
GetCursor
GetDC
DestroyAcceleratorTable
VkKeyScanExA
ToAscii
AddClipboardFormatListener
GetDialogBaseUnits
CheckDlgButton
FlashWindowEx
CreateWindowExA
SendMessageCallbackA
GetUserObjectSecurity
PackDDElParam
DefRawInputProc
DlgDirListComboBoxA
DlgDirSelectExW
LoadIconA
SetWindowsHookExW
GetParent
GetClassLongW
SubtractRect
ClientToScreen
ShowCaret
SetPhysicalCursorPos
SetWindowTextA
SetPropW
EnableScrollBar
SetScrollPos
GetWindowRgnBox
AllowSetForegroundWindow
DrawStateA
HiliteMenuItem
LoadMenuW
CreateAcceleratorTableW
keybd_event
CharNextW
CharLowerBuffA
CharToOemW
EmptyClipboard
CallMsgFilterW
GetNextDlgGroupItem
AnimateWindow
IsMenu
RegisterClassExA
CallWindowProcW
PostMessageA
GetMessageTime
OpenWindowStationW
CreateWindowStationW
GetRegisteredRawInputDevices
GetRawInputBuffer
GetRawInputDeviceInfoA
GetWindowInfo
GetCursorInfo
NotifyWinEvent
SystemParametersInfoA
EnumDisplaySettingsW
GetScrollInfo
GetIconInfoExW
LoadIconW
GetClassNameW
SetProcessDefaultLayout
InflateRect
InvertRect
SetSysColors
GetWindowTextA
GetWindowRgn
WindowFromDC
SetMenuDefaultItem
InsertMenuItemW
SetMenuInfo
GetMenuStringA
SetMenu
MapVirtualKeyExW
GetFocus
CharLowerA
RegisterClipboardFormatW
GetClipboardSequenceNumber
GetDlgItemTextA
SetDlgItemTextW
PostThreadMessageW
RegisterDeviceNotificationW
SendMessageW
SwapMouseButton
RegisterHotKey
GetUserObjectInformationW
GetProcessWindowStation
LoadKeyboardLayoutA
DlgDirListA
DrawIconEx
SetWindowsHookExA
SetWindowLongW
ScrollWindowEx
DrawTextExA
AppendMenuA
SendInput
VkKeyScanExW
SetKeyboardState
CreateWindowExW
LookupIconIdFromDirectory
LoadCursorFromFileW
GetForegroundWindow
LoadStringW
GetMouseMovePointsEx
IsHungAppWindow
RegisterWindowMessageA
RegisterWindowMessageW
DrawCaption
GetMessageW
SetWindowLongA
TabbedTextOutA
GetRawInputData
UserHandleGrantAccess
GetMenuBarInfo
MonitorFromWindow
SetLastErrorEx
SoundSentry
EnumDisplaySettingsExW
DefFrameProcW
DlgDirListW
LoadImageW
LoadImageA
PrivateExtractIconsA
FindWindowExW
SetClassLongW
GetClassWord
LogicalToPhysicalPoint
DestroyCaret
GetMenuContextHelpId
SetWindowContextHelpId
AdjustWindowRectEx
GetWindowRect
ValidateRgn
ExcludeUpdateRgn
RegisterClassExW
TabbedTextOutW
GetMenuItemRect
TrackPopupMenuEx
TrackPopupMenu
ModifyMenuA
DestroyMenu
CreateMenu
GetMenuState
GetMenuStringW
GetSystemMetrics
TranslateAcceleratorW
TranslateAcceleratorA
GetCapture
mouse_event
ToAsciiEx
GetKeyboardType
IsCharLowerW
RegisterClipboardFormatA
CheckRadioButton
BeginDeferWindowPos
MoveWindow
GetLayeredWindowAttributes
GetClassInfoExA
GetClassInfoW
InSendMessage
SendNotifyMessageW
IsWow64Message
GetMessageExtraInfo
GetMessagePos
TranslateMessage
DrawFrameControl
DrawEdge
SetUserObjectInformationA
GetUserObjectInformationA
CreateWindowStationA
CreateDesktopExA
ActivateKeyboardLayout
GetAltTabInfoA
SetProcessDPIAware
BlockInput
InternalGetWindowText
DefMDIChildProcW
DlgDirListComboBoxW
IsDialogMessageW
CopyIcon
CreateIconIndirect
CreateIconFromResource
SendMessageTimeoutW
BroadcastSystemMessageExA
AttachThreadInput
PostQuitMessage
UnregisterClassA
UpdateLayeredWindow
OpenIcon
SetWindowPos
EndDialog
GetDlgItemTextW
SendDlgItemMessageA
ChangeClipboardChain
GetPriorityClipboardFormat
CharToOemA
OemToCharW
CharUpperA
IsCharAlphaNumericW
GetKBCodePage
GetKeyNameTextW
OemKeyScan
VkKeyScanA
MapVirtualKeyExA
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetMenuItemID
InsertMenuW
GetMenuInfo
InsertMenuItemA
GetMenuItemInfoA
GetMenuItemInfoW
DrawTextA
DrawTextW
GetDCEx
BeginPaint
GetScrollPos
GetScrollRange
AdjustWindowRect
MessageBeep
SetCursorPos
GetClipCursor
PhysicalToLogicalPoint
GetWindowLongA
SetParent
FindWindowExA
GetTopWindow
LoadCursorW
CreateCursor
LookupIconIdFromDirectoryEx
gdi32
GetCharWidthFloatA
StartPage
ExtEscape
GetBitmapBits
GetTextExtentExPointW
ExtSelectClipRgn
GetArcDirection
ExtTextOutW
CreateMetaFileA
DescribePixelFormat
GetObjectType
GetPolyFillMode
GetTextCharacterExtra
GetFontLanguageInfo
GetCharacterPlacementW
GetCharWidthI
RemoveFontResourceExA
GetWindowOrgEx
RectInRegion
RectVisible
SetMapperFlags
SetPolyFillMode
CopyEnhMetaFileW
PlayEnhMetaFile
AngleArc
EndPage
AbortDoc
StrokePath
CreatePolygonRgn
Polyline
SetBitmapDimensionEx
GdiFlush
GdiSetBatchLimit
GdiGetBatchLimit
SetDeviceGammaRamp
CreateCompatibleBitmap
CreateScalableFontResourceA
CreateBitmap
GetCharABCWidthsW
GetSystemPaletteUse
GetTextColor
SaveDC
SetMetaFileBitsEx
SetTextCharacterExtra
SetTextColor
CreateEnhMetaFileW
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GdiComment
CombineTransform
AbortPath
OffsetWindowOrgEx
UnrealizeObject
DeleteColorSpace
CancelDC
CreateFontW
CreateICA
CreateRectRgn
GetBkMode
GetSystemPaletteEntries
RemoveFontResourceExW
AddFontMemResourceEx
MaskBlt
RestoreDC
SetGraphicsMode
StartDocA
SelectClipPath
WidenPath
TextOutW
LPtoDP
PolylineTo
CheckColorsInGamut
GetLogColorSpaceW
GetTextFaceA
PolyBezier
DPtoLP
GetObjectW
CreateHalftonePalette
GetEnhMetaFileHeader
GetEnhMetaFileA
SetTextJustification
GetLayout
SetBkColor
SetMetaRgn
RemoveFontResourceA
RealizePalette
ResetDCW
Pie
OffsetRgn
GetWindowExtEx
GetCharABCWidthsI
GetTextExtentPointI
GetGlyphOutlineA
GetDeviceCaps
GetCurrentPositionEx
GetCharABCWidthsFloatW
GetDCBrushColor
FloodFill
ExtFloodFill
EqualRgn
CreatePen
CreateICW
CopyMetaFileA
CloseMetaFile
ColorCorrectPalette
EnumICMProfilesA
SetICMMode
GetDCOrgEx
GetKerningPairsA
ScaleWindowExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
PolyTextOutW
PolyTextOutA
PathToRegion
CopyMetaFileW
CreateCompatibleDC
CreateEllipticRgn
CreateFontIndirectW
CreatePatternBrush
CreateScalableFontResourceW
FillRgn
GetROP2
GetBkColor
GetFontData
GetGlyphOutlineW
GetMetaFileBitsEx
GetOutlineTextMetricsW
GetPaletteEntries
GetRgnBox
GetTextCharsetInfo
GetFontUnicodeRanges
GetGlyphIndicesW
RemoveFontMemResourceEx
PlgBlt
OffsetClipRgn
PolyPolygon
PtVisible
SetLayout
SetPaletteEntries
SetPixel
SetAbortProc
GetBrushOrgEx
GetPath
EndPath
winspool.drv
AddPrintProvidorA
AddMonitorA
AddMonitorW
AddJobA
AddPrintProcessorW
AddPrinterDriverW
DeviceCapabilitiesW
advapi32
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
NotifyChangeEventLog
DeregisterEventSource
CloseEventLog
BackupEventLogA
ClearEventLogA
EqualSid
AreAnyAccessesGranted
AddAccessDeniedAceEx
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
GetCurrentHwProfileW
ObjectOpenAuditAlarmA
ReportEventW
OpenEventLogW
OpenEncryptedFileRawA
GetSecurityDescriptorRMControl
EqualPrefixSid
AddAccessAllowedAceEx
OpenBackupEventLogA
InitializeSid
InitializeSecurityDescriptor
ImpersonateLoggedOnUser
GetSecurityDescriptorOwner
GetPrivateObjectSecurity
DeleteAce
AddAuditAccessAce
AddAccessAllowedAce
QuerySecurityAccessMask
FreeSid
GetSecurityDescriptorSacl
LogonUserExA
LogonUserW
ObjectDeleteAuditAlarmA
ReadEventLogA
RegisterEventSourceA
BackupEventLogW
IsTextUnicode
OpenEncryptedFileRawW
DecryptFileW
IsValidSecurityDescriptor
IsTokenRestricted
GetSecurityDescriptorGroup
AllocateLocallyUniqueId
AddAuditAccessObjectAce
AddAce
AddAccessDeniedObjectAce
AccessCheckByType
AccessCheck
FreeEncryptionCertificateHashList
LogonUserA
GetUserNameW
LookupPrivilegeDisplayNameW
LookupPrivilegeValueW
ObjectPrivilegeAuditAlarmA
RegisterEventSourceW
GetOldestEventLogRecord
ReadEncryptedFileRaw
FileEncryptionStatusW
FileEncryptionStatusA
MakeSelfRelativeSD
InitializeAcl
ImpersonateAnonymousToken
GetSidIdentifierAuthority
GetAce
CheckTokenMembership
AdjustTokenGroups
AddMandatoryAce
ole32
OleConvertIStorageToOLESTREAM
OleQueryLinkFromData
CreateGenericComposite
CoInstall
CreateDataAdviseHolder
CoDosDateTimeToFileTime
CoFileTimeToDosDateTime
CoAllowSetForegroundWindow
CoGetInstanceFromFile
CoWaitForMultipleHandles
FreePropVariantArray
PropVariantClear
CoCreateGuid
CoCancelCall
CoImpersonateClient
CoCreateFreeThreadedMarshaler
CoMarshalHresult
CoSuspendClassObjects
CoResumeClassObjects
CoUninitialize
CoFileTimeNow
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
CoRegisterMallocSpy
OleBuildVersion
OleDraw
OleSetContainedObject
ws2_32
gethostname
gethostbyname
inet_ntoa
getprotobyname
getprotobynumber
closesocket
listen
socket
setsockopt
ntohs
getpeername
WSAStartup
recvfrom
inet_addr
recv
shutdown
WSAGetLastError
send
getservbyport
iphlpapi
GetTcpTable
Sections
.text Size: 347KB - Virtual size: 346KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rdate Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ