Static task
static1
General
-
Target
Cherry-Mountains-install.exe
-
Size
35.2MB
-
MD5
731c2b80bc8c619458004234f15e9f2e
-
SHA1
db178553f94783775e708c5c055480c20fa8eca0
-
SHA256
3951530c06c2bb2accad1ff40ce847757a11cea869ccfa1f5f28abbe0b9d2422
-
SHA512
9d954760e38f8aeb77fc313f8090c2bbb89397349bae127b9f8a1d0868ba0b3d588b85af95a9e5df1035c2984b8c8151dbdc45f0770b769885fa768a2c5abd66
-
SSDEEP
786432:l/tbnM1X1PTjOo/lXJUlU3R7PJgtO4m9/0As1r4CMEv456hOqOS:N1U1PvOo9XJUS7BSO4m9/0N1rrDyEB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Cherry-Mountains-install.exe
Files
-
Cherry-Mountains-install.exe.exe windows x86
e45db0faa2d6ea8117244b8eeec66f7d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetVersionExA
GetVersion
CompareStringA
GetTimeZoneInformation
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetDriveTypeA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
RemoveDirectoryA
MoveFileA
RtlUnwind
DeleteFileA
SetEnvironmentVariableA
CreateDirectoryA
HeapFree
HeapAlloc
HeapCompact
TerminateProcess
ExitProcess
GetFileAttributesA
SetFileAttributesA
GetCurrentProcess
MoveFileExA
GetModuleHandleA
FormatMessageA
CopyFileA
SetFileTime
OpenFile
SetErrorMode
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetFullPathNameA
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetTempPathA
GetShortPathNameA
GetExitCodeProcess
CompareStringW
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateProcessA
Sleep
lstrcatA
lstrlenA
WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetLastError
FindFirstFileA
FindClose
GetWindowsDirectoryA
IsBadWritePtr
GetSystemDirectoryA
user32
ExitWindowsEx
IsIconic
PostQuitMessage
DefWindowProcA
DialogBoxParamA
PostMessageA
EndDialog
CheckDlgButton
SetTimer
BringWindowToTop
GetLastActivePopup
FindWindowA
RegisterClassA
LoadCursorA
SendMessageA
GetWindow
AdjustWindowRectEx
LoadIconA
GetSysColor
ScreenToClient
GetWindowRect
GetDlgItem
EndPaint
BeginPaint
GetClientRect
FillRect
DrawTextA
GetSystemMetrics
KillTimer
SendDlgItemMessageA
GetFocus
GetDlgItemTextA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
IsDlgButtonChecked
CheckRadioButton
SetFocus
GetParent
UpdateWindow
IsWindowVisible
InvalidateRect
CreateDialogParamA
RedrawWindow
PeekMessageA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
SetWindowTextA
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA
GetWindowLongA
IsWindowEnabled
CallWindowProcA
ValidateRect
SetWindowLongA
GetClassNameA
MessageBoxA
EnableWindow
wsprintfA
gdi32
DeleteDC
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette
DeleteObject
ExtTextOutA
CreateFontIndirectA
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
CreateHalftonePalette
CreateDIBPatternBrush
CreateSolidBrush
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
SetTextColor
SetBkMode
AddFontResourceA
SetBkColor
GetStockObject
RemoveFontResourceA
comdlg32
GetOpenFileNameA
advapi32
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCreateKeyA
RegEnumKeyExA
RegCloseKey
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
shell32
DragQueryFileA
DragFinish
ShellExecuteA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
DragAcceptFiles
ole32
CoGetMalloc
CoCreateInstance
OleInitialize
OleUninitialize
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA
comctl32
ord17
Sections
.text Size: 136KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ