Static task: static1
Behavioral task: behavioral1
  Sample: 6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0.exe
  Resource: win10v2004-20230220-en
General
Target: 6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0
Size: 3.6MB
MD5: fb3b701c31106222b583e8b22fe87699
SHA1: 9a90fd63fc0fc6ab53b34818e05a8a1f2a6a3f04
SHA256: 6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0
SHA512: ec01e3e14ce17d0cebf102414bee5779c9ef60e63521cc98e6d9b6566e134575e3ccc76ad3ff1b95a711a99bed3b02f7e2271f1fad777f261bb9e447bf0f37a7
SSDEEP: 98304:PQYDL1/VcHsTWEX+naPPrEhXGK1imww7j61vW+z8:Z/1/WJoz+pwDJpz
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0
Files
6db73ed1db18e048acdf048569635835a79f2b5ea4f0e51d26a028d34e14d3a0.exe (windows x86)
  522da274ba6bcb20755ce63bb0e86ee2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateDirectoryA
GetModuleFileNameA
CreateMutexA
InterlockedDecrement
DeleteFileA
OpenProcess
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
GetTickCount
Sleep
GetLocalTime
WaitForSingleObject
lstrcmpiA
FreeResource
FindResourceA
FindResourceW
LoadResource
LockResource
SizeofResource
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
DeactivateActCtx
SetLastError
GetCPInfo
WideCharToMultiByte
lstrlenW
GetProcessHeap
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetTimeZoneInformation
MultiByteToWideChar
lstrlenA
GetVersionExA
GetVersion
CompareStringW
GetStringTypeW
MulDiv
GlobalUnlock
GlobalLock
GetCurrentProcessId
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
GlobalFree
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
FreeLibrary
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
SuspendThread
CreateEventA
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetThreadLocale
FileTimeToSystemTime
GetOEMCP
GetACP
GetCurrentDirectoryA
lstrcpyA
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetWindowsDirectoryA
GetNumberFormatA
SetErrorMode
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTempFileNameA
GetTempPathA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
EncodePointer
DecodePointer
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
HeapCreate
IsValidCodePage
LCMapStringW
IsProcessorFeaturePresent
SetHandleCount
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
CreateEventA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
HeapAlloc
HeapFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetModuleHandleW
LoadResource
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
VirtualQuery
user32
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
KillTimer
CheckDlgButton
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
ShowOwnedPopups
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReleaseCapture
LoadMenuA
ReuseDDElParam
UnpackDDElParam
RealChildWindowFromPoint
LoadCursorA
UnregisterClassA
IsRectEmpty
SetParent
SetCapture
LoadCursorW
WaitMessage
EnumDisplayMonitors
SetLayeredWindowAttributes
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
CharUpperA
UnionRect
RedrawWindow
GetMenuDefaultItem
GetAsyncKeyState
InvertRect
HideCaret
EnableScrollBar
NotifyWinEvent
CopyImage
LockWindowUpdate
IsZoomed
SetWindowRgn
GetFocus
SetClassLongA
LoadMenuW
DrawFrameControl
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
GetDlgItem
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
SetMenuDefaultItem
IsClipboardFormatAvailable
GetUpdateRect
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
GetWindowRgn
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
GetWindow
SetWindowsHookExA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
DestroyAcceleratorTable
EndDeferWindowPos
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
UnhookWindowsHookEx
IntersectRect
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
GetMenuStringA
GetWindowThreadProcessId
GetLastActivePopup
DrawIcon
IsIconic
SetTimer
GetSystemMenu
LoadIconW
wsprintfA
PtInRect
ScreenToClient
GetCursorPos
IsWindow
LoadImageA
CreateIconIndirect
GetIconInfo
DrawStateA
GetClientRect
DrawFocusRect
OffsetRect
InflateRect
FrameRect
PostMessageA
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GrayStringA
DrawTextExA
TabbedTextOutA
EnableWindow
GetSubMenu
DeleteMenu
RemoveMenu
LoadBitmapW
GetSysColorBrush
CreatePopupMenu
CreateMenu
GetMenuItemID
GetMenuState
ModifyMenuA
InsertMenuA
GetMenuItemCount
AppendMenuA
IsWindowEnabled
MessageBoxA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GetDesktopWindow
GetSystemMetrics
DestroyIcon
DrawIconEx
SystemParametersInfoA
DrawTextA
GetMenuItemInfoA
SetRect
DrawEdge
FillRect
GetSysColor
CopyRect
SetWindowLongA
SetRectEmpty
RegisterClipboardFormatA
GetWindowPlacement
gdi32
GetViewportExtEx
GetWindowExtEx
SelectClipRgn
SetLayout
CreateRectRgn
SetTextAlign
MoveToEx
LineTo
GetLayout
GetTextFaceA
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
OffsetRgn
StretchBlt
SetDIBColorTable
Polygon
Polyline
CreateEllipticRgn
CreatePolygonRgn
IntersectClipRect
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
GetRgnBox
GetTextColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetBkColor
DPtoLP
GetMapMode
CombineRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateSolidBrush
CreatePen
GetBkMode
CreateFontIndirectA
GetTextExtentPoint32W
GetTextExtentPoint32A
Ellipse
CreateDIBSection
ScaleViewportExtEx
DeleteObject
DeleteDC
GetObjectA
GetPixel
SetPixel
PatBlt
CreateHatchBrush
Rectangle
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetStockObject
CreateBitmap
SetBkColor
SetTextColor
CreateHalftonePalette
GetDIBColorTable
CreatePalette
CreateFontA
GetTextMetricsA
ExcludeClipRect
GetClipBox
SetMapMode
SetRectRgn
CreateRectRgnIndirect
CreateDCA
CopyMetaFileA
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
CreateRoundRectRgn
SelectObject
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
advapi32
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetFolderPathA
ShellExecuteA
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish
DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
ole32
IsAccelerator
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleTranslateAccelerator
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringLen
SysAllocStringByteLen
VariantChangeType
VarBstrFromDate
SysFreeString
VariantInit
VariantClear
OleCreateFontIndirect
SysStringLen
SysAllocString
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathAppendA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oledlg
ord8
ws2_32
socket
WSACleanup
closesocket
gethostbyname
htons
connect
send
recv
WSAStartup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipGetImagePaletteSize
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comdlg32
GetFileTitleA
Sections
Name    Size    Virtual size    Characteristics
.text   -       1.2MB           IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  -       284KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   -       55KB            IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.1n~    -       1.7MB           IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.JMG    3KB     3KB             IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.y#B    3.6MB   3.6MB           IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.reloc  512B    428B            IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc   10KB    9KB             IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ