Static task
static1
Behavioral task
behavioral1
Sample
05484199.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
05484199.exe
Resource
win10v2004-20230221-en
General
-
Target
05484199.exe
-
Size
1.0MB
-
MD5
055d1462f66a350d9886542d4d79bc2b
-
SHA1
f1086d2f667d807dbb1aa362a7a809ea119f2565
-
SHA256
dddf7894b2e6aafa1903384759d68455c3a4a8348a7e2da3bd272555eba9bec0
-
SHA512
2c5e570226252bdb2104c90d5b75f11493af8ed1be8cb0fd14e3f324311a82138753064731b80ce8e8b120b3fe7009b21a50e9f4583d534080e28ab84b83fee1
-
SSDEEP
24576:FRYz/ERA0eMuWfHvgPw/83JI8CorP9qY0:FE/yADMuYvgP93JIc2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 05484199.exe
Files
-
05484199.exe.exe windows x86
d761cb0531b62176dc524988b5963190
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
CloseHandle
CreateFileW
HeapReAlloc
HeapSize
GlobalAlloc
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetProcessHeap
SetStdHandle
SetEnvironmentVariableA
GetThreadPriority
SetFilePointerEx
LoadLibraryA
SetEvent
ResetEvent
CreateEventA
GetEnvironmentStrings
GetConsoleWindow
SetEndOfFile
GetPriorityClass
FreeLibrary
EnumDateFormatsA
GetCurrentThread
GetLastError
GlobalAddAtomA
WaitForSingleObject
SetThreadPriority
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentProcess
FindNextFileA
FindFirstFileExA
FindClose
DecodePointer
GetStringTypeW
LCMapStringW
CompareStringW
CreateThread
WaitForSingleObjectEx
OutputDebugStringW
HeapAlloc
HeapFree
GetACP
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
GetFileType
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
RaiseException
EncodePointer
GlobalFree
GlobalLock
GlobalUnlock
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
BuildCommDCBA
SetCommTimeouts
SetCommState
GetCommTimeouts
GetCommState
WriteFile
ReadFile
FlushFileBuffers
CreateFileA
GetModuleHandleA
CreateEventW
SetPriorityClass
user32
SetClipboardData
GetClipboardData
EmptyClipboard
IsDlgButtonChecked
DefWindowProcA
TranslateMessage
RegisterWindowMessageW
ReleaseDC
EndPaint
CloseClipboard
OpenClipboard
DestroyWindow
ShowWindow
SetClassLongA
WindowFromDC
GetDesktopWindow
GetDlgItem
SendMessageA
LoadIconA
CheckMenuItem
GetCursorPos
BeginPaint
GetMessageW
CreateDialogParamW
GetDC
EndDialog
DialogBoxParamA
wsprintfA
OffsetRect
DispatchMessageW
TrackMouseEvent
SetWindowTextA
MessageBoxA
RegisterClassA
UnregisterClassA
GetClassInfoA
CreateWindowExA
SetWindowPos
IsIconic
GetWindowRect
AdjustWindowRectEx
ShowCursor
ClientToScreen
CopyRect
GetWindowLongA
SetWindowLongA
GetMonitorInfoA
EnumDisplayMonitors
GetSystemMetrics
LoadCursorA
ScreenToClient
SetRect
GetMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
PostQuitMessage
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
UpdateWindow
SetActiveWindow
GetUpdateRect
InvalidateRect
ChildWindowFromPoint
MonitorFromWindow
ChangeDisplaySettingsExA
EnumDisplaySettingsA
SetCursorPos
SetCursor
GetClientRect
gdi32
ChoosePixelFormat
BitBlt
SelectObject
CreateDIBSection
GetTextExtentPoint32A
CreateCompatibleDC
GetNearestPaletteIndex
DeleteDC
SetViewportOrgEx
DeleteObject
CreateDCA
GetDeviceCaps
SetPixelFormat
DescribePixelFormat
SwapBuffers
GetPixelFormat
comdlg32
GetOpenFileNameA
FindTextW
advapi32
RegQueryValueExA
OpenSCManagerA
ControlService
RegOpenKeyA
OpenServiceA
RegCloseKey
RegOpenKeyExA
shell32
ord63
DragQueryFileA
ord62
DragFinish
ole32
CreateStreamOnHGlobal
oleaut32
CreateTypeLib2
CreateTypeLi
odbc32
ord157
ord156
ord155
opengl32
wglGetCurrentDC
glScissor
glDisableClientState
glMatrixMode
glBlendFunc
glLoadIdentity
glTexParameteri
glDeleteTextures
glPopMatrix
glViewport
glEnableClientState
glPopAttrib
glPolygonMode
glBindTexture
glGenTextures
glVertexPointer
glNormalPointer
glGetFloatv
glDrawArrays
glVertex2f
glTranslatef
glPushClientAttrib
glPopClientAttrib
glBitmap
glVertex2i
glRasterPos2i
glEnd
glColor4fv
glColor4f
glBegin
glGetString
glGetError
glGetBooleanv
glReadBuffer
glDrawBuffer
glFlush
wglMakeCurrent
wglGetProcAddress
wglGetCurrentContext
wglDeleteContext
wglCreateContext
glClearColor
glTexCoordPointer
glClear
glGetIntegerv
glPushAttrib
glOrtho
glPixelStorei
glPushMatrix
glDisable
glDrawElements
glTexEnvi
glColorPointer
glTexImage2D
glGetTexEnviv
glEnable
winmm
joyGetDevCapsA
timeBeginPeriod
timeEndPeriod
timeGetTime
joyGetPosEx
gdiplus
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipFree
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipCloneImage
ws2_32
closesocket
avifil32
AVIMakeCompressedStream
rpcrt4
UuidCreate
UuidToStringW
dbghelp
EnumerateLoadedModules
comsvcs
CoCreateActivity
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
Sections
.text Size: 563KB - Virtual size: 563KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 213KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 444KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 218KB - Virtual size: 218KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ