Static task
static1
General
Target: crazy Zombie 9.exe
Size: 10.0MB
MD5: 2650dc6a0c77fb0e5c2cfb58c767f73f
SHA1: 8c29ef45ed3bd7ed0069cfb9af882c46b54702fd
SHA256: 6a3c06b68f00bff4643b92c2a1cfeefb818557fac1d06c5b680247c7858790d8
SHA512: b7b69ad01d13dc29862865108cc8e598917040c00fea8925eb436e2527d12ebf8b080bd397133e2ca62842ce9251d0a0a83c8d673a6a5eacfcf77d6368ca7025
SSDEEP: 196608:5T3q575uVixESasIMb6w8ehL3DncCvCP8P3M5meQau/XWbxfnzG:Z3qh9SRD+6w1hL3Dcf8PxeQaufWbln
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource crazy Zombie 9.exe
Files
crazy Zombie 9.exe.exe windows x86
2ad6f54ce52fbf651f3650cdaf211aa5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
SetLastError
GetCurrentThreadId
CreateMutexW
SetErrorMode
GetFileSize
FindClose
FindFirstFileW
GetTempPathW
GetCurrentProcess
GetSystemDirectoryW
GetWindowsDirectoryW
CreateDirectoryW
FindNextFileW
WritePrivateProfileStringW
DeleteFileW
ReadFile
FlushFileBuffers
UnmapViewOfFile
SetFilePointer
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
CreateProcessW
GetExitCodeProcess
TerminateProcess
LoadLibraryW
LoadLibraryExW
FreeLibrary
GetProcAddress
EnumResourceTypesW
Sleep
EnumResourceLanguagesW
SetUnhandledExceptionFilter
GetThreadSelectorEntry
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentProcessId
GetVersionExA
GetEnvironmentVariableW
GetModuleFileNameA
GetVersionExW
GetVolumeInformationW
GetSystemDefaultLangID
GetUserDefaultLangID
CreateEventW
SetEvent
ResetEvent
WaitForMultipleObjectsEx
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
lstrlenA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
HeapSize
TlsSetValue
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetStdHandle
WideCharToMultiByte
GetThreadLocale
GetStringTypeExW
MultiByteToWideChar
lstrlenW
TerminateThread
GetLastError
CreateThread
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
InterlockedDecrement
InterlockedIncrement
MulDiv
FindResourceExW
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
FormatMessageW
GetModuleHandleW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
GetCommandLineW
EnumResourceNamesW
ExpandEnvironmentStringsW
user32
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItemTextW
MapWindowPoints
GetDlgItem
ScreenToClient
GetWindowRect
PeekMessageW
MessageBoxW
SetWindowPlacement
IsWindow
GetForegroundWindow
MapDialogRect
EndDialog
DialogBoxIndirectParamW
CopyRect
DrawMenuBar
RemoveMenu
GetWindowDC
RegisterClipboardFormatW
MsgWaitForMultipleObjects
LoadBitmapW
UnhookWindowsHookEx
DrawEdge
GetKeyState
GetDlgCtrlID
InflateRect
GetWindowTextLengthW
PtInRect
WindowFromPoint
DestroyMenu
GetMenu
LoadMenuIndirectW
LoadMenuW
GetSubMenu
DrawFocusRect
KillTimer
SetTimer
SetCursor
RegisterWindowMessageW
LoadImageW
CharNextW
CharLowerW
DeleteMenu
GetSysColorBrush
FrameRect
DrawTextW
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
GetSysColor
BeginPaint
GetParent
FillRect
EndPaint
GetWindowTextW
SetFocus
GetClientRect
InvalidateRect
GetClassLongW
SetClassLongW
PostQuitMessage
DefWindowProcW
RemovePropW
SetWindowLongW
GetWindowLongW
ChangeDisplaySettingsW
SetWindowPos
GetMessageW
TranslateMessage
DestroyWindow
TranslateAcceleratorW
DispatchMessageW
LoadAcceleratorsW
LoadCursorW
LoadIconW
RegisterClassExW
ShowWindow
UpdateWindow
GetWindow
AdjustWindowRectEx
GetDC
ReleaseDC
ReleaseCapture
GetCursorPos
SetCapture
SystemParametersInfoW
EnumDisplaySettingsW
GetWindowPlacement
GetSystemMetrics
CreateWindowExW
PostMessageW
SetPropW
GetPropW
SendMessageW
SetForegroundWindow
SetWindowTextW
SetMenu
EnableMenuItem
DestroyIcon
TrackPopupMenu
CallWindowProcW
IsDialogMessageW
ole32
ReleaseStgMedium
CoUninitialize
CLSIDFromProgID
CoInitialize
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
OleRun
OleSetContainedObject
OleDraw
OleSetMenuDescriptor
OleSave
CoCreateInstance
CoCreateGuid
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
comctl32
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_DrawEx
winmm
timeGetTime
gdi32
StretchBlt
BitBlt
CreateCompatibleBitmap
GetTextExtentPoint32W
GetPixel
RestoreDC
CreateFontW
SaveDC
CreateFontIndirectW
EnumFontFamiliesExW
Rectangle
SetROP2
CreateHatchBrush
SetBkMode
SetTextColor
SetBkColor
RoundRect
GetTextMetricsW
SetStretchBltMode
CreateSolidBrush
CreatePen
GetStockObject
CreateCompatibleDC
CreateDIBSection
GdiFlush
SelectObject
DeleteObject
DeleteDC
Ellipse
GetDeviceCaps
GetObjectW
advapi32
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptAcquireContextW
CryptReleaseContext
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
CryptDestroyKey
CryptDecrypt
CryptDeriveKey
shell32
DragQueryFileW
ShellExecuteExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW
oleaut32
SysAllocString
SysFreeString
OleLoadPicture
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SafeArrayPtrOfIndex
SafeArrayCreate
GetErrorInfo
Sections
.text Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9.7MB - Virtual size: 9.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ