Static task
static1
Behavioral task
behavioral1
Sample
5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b.exe
Resource
win10v2004-20230703-en
General
-
Target
5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b
-
Size
4.1MB
-
MD5
cb26ad28782a04ad2f20d8830e7b0bd1
-
SHA1
9e71f43b464e1be6dfd6db857d8f2e463aa74cee
-
SHA256
5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b
-
SHA512
947a2f825c106285811e151c06e2cf708c0feec08dfe1ca09e56a9783341202df0d82aa7111f38618cf43085e590e5fd9a6b3ef46e85074cc6e9ec6fa90df91e
-
SSDEEP
98304:3d69jk2mp6rftnhLRvH4ZJHiLldH4vYhU9kHcO1WYErPM0+rtc6O1ASiSYyYnhvG:3d69x7LRvKLvOJgrk3OGSiirC+WVUHCu
Malware Config
Signatures
-
Unsigned PE — 1 IoC
The sample carries no Authenticode signature. Treat this as a weak indicator on its own: unsigned binaries are common for legitimate self-built, vendor-bundled and internal tools, so it should be weighed together with the behavioral results rather than used as a verdict.
resource 5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b
Files
-
5fdb67341e70b362734836862e3554fd2bcaf483cdb77835253602bb71c7bd6b.exe windows x86
f7fb6dee11a9b5014c1ae314da470296
Headers
DLL Characteristics (DYNAMIC_BASE = ASLR-compatible and NX_COMPAT = DEP-compatible are set; no GUARD_CF flag is listed, so Control Flow Guard is not enabled)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports (the libfbp2p SEP2P_* and ipcnetmanager _IPCNet* entries below are device-login, device-search and audio/video streaming routines, consistent with a P2P IP-camera/NVR client — an inference from import names only, to be confirmed against the behavioral traces)
libfbp2p
SEP2P_GetUserList
SEP2P_NetworkDetect
SEP2P_ChgUserPwd
SEP2P_ModifyDevAlias
SEP2P_SetDevGlobalDevAliasList
SEP2P_GetDevGlobalInfoByAlias
SEP2P_DelUser
SEP2P_DelDevFromUser
SEP2P_GetDevGlobalDevByAliasPwd
SEP2P_SetDevExpirationTime
SEP2P_SetUserAuth
SEP2P_GetDevGlobalInfoByUid
SEP2P_AddDevGlobalInfo
SEP2P_Login
SEP2P_SetDebugLog
SEP2P_Logout
SEP2P_GetDevList
SEP2P_AddDevToUser
SEP2P_GetServerVersion
SEP2P_GetUserInfo
SEP2P_AddUser
SEP2P_ModifyDevTips
ipcnetmanager
_IPCNetStopAudioR@12
_IPCNetStopSearchDevice@0
_IPCNetRebootDeviceInLAN@4
_IPCNetSetDeviceInfoInLAN@4
_IPCNetSetLanSettingResultCallback@4
_IPCNetSearchDevice@4
_IPCNetPlaybackSeekR@12
_IPCNetPausePlaybackR@12
_IPCNetStartPlaybackR@12
_IPCNetSetPlaybackAudioVideoDataCallBack@8
_IPCNetStopPlaybackR@8
_IPCNetGetAPIVersion@4
_IPCNetPutTalkData@12
_IPCNetChangeDevPwdR@12
_IPCNetStartAudioR@12
_IPCNetStartVideoR@16
_IPCNetDeInitial@0
_IPCNetSetSnapshotCallBack@8
_IPCNetGetIPCNetSessionStatus@4
_IPCNetStartIPCNetSession@12
IPCNetLog
_IPCNetStopIPCNetSession@4
_IPCNetInitializeArea@8
_IPCNetFinishLocalRecord@4
_IPCNetPutLocalRecordVideoFrame@24
_IPCNetStartRecordLocalVideo@28
_IPCNetPutLocalRecordAudioFrame@24
_IPCNetSendJsonCmdR@16
_IPCNetReleaseCmdResource@12
_IPCNetSleep@4
_IPCNetStopVideoR@12
_IPCNetSetFileTransferProgressCallback@8
_IPCNetSendBinaryDataR@20
_IPCNetSendFileToDevice@16
winmm
waveOutClose
waveOutWrite
waveOutReset
waveOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutPrepareHeader
PlaySoundA
avcodec-55
av_free_packet
av_init_packet
avcodec_alloc_context3
avcodec_close
avcodec_decode_video2
avcodec_find_decoder
avcodec_open2
avcodec_register_all
avpicture_alloc
avutil-52
av_buffer_create
av_frame_alloc
av_frame_free
av_free
av_freep
av_log
av_mallocz
swscale-2
sws_freeContext
sws_getContext
sws_scale
d3dvideorender
ord1
ord3
dsound
ord7
ord10
kernel32
GetFileSizeEx
GetFileTime
SetErrorMode
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
FindResourceExW
HeapAlloc
HeapFree
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
ExitProcess
GetCommandLineA
HeapSetInformation
SetEndOfFile
HeapReAlloc
RtlUnwind
RaiseException
SetStdHandle
GetFileType
ExitThread
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
FatalAppExitA
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
IsValidCodePage
GetLocaleInfoW
SetConsoleCtrlHandler
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
GetStringTypeW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
TerminateThread
ResetEvent
WaitForMultipleObjects
InterlockedCompareExchange
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
GetProcessAffinityMask
UnlockFile
LockFile
FlushFileBuffers
GetFileAttributesA
WriteFile
ReadFile
MoveFileA
CreateFileA
lstrcmpiA
GetThreadLocale
SetFileTime
LocalFileTimeToFileTime
SetFileAttributesA
GetFileAttributesExA
GetCurrentDirectoryA
GetACP
GetOEMCP
GetCPInfo
GlobalFlags
lstrcpyA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GetStringTypeExA
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
FindClose
SystemTimeToFileTime
FileTimeToSystemTime
GetCurrentProcessId
FindResourceA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GlobalReAlloc
GetStartupInfoW
TlsGetValue
InterlockedIncrement
GetAtomNameA
CompareStringA
LoadLibraryW
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
lstrcmpW
CopyFileA
GlobalSize
FormatMessageA
lstrlenW
MulDiv
WinExec
GlobalHandle
GetCurrentProcess
SetPriorityClass
WritePrivateProfileStringA
OutputDebugStringA
GetPrivateProfileStringA
FreeLibrary
GlobalFree
LocalFree
LocalUnlock
LocalLock
LocalAlloc
GetLocalTime
CreateProcessA
GetModuleFileNameA
ConvertDefaultLocale
GlobalUnlock
GlobalLock
GlobalAlloc
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
CreateDirectoryA
GetTickCount
DeleteFileA
Sleep
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedExchange
WaitForSingleObjectEx
SetEvent
CloseHandle
CreateEventA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateThread
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetSystemDefaultUILanguage
GetLocaleInfoA
lstrcmpA
GetModuleHandleW
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetFilePointer
GetFileSize
user32
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
InvertRect
HideCaret
GetIconInfo
CopyImage
LoadImageA
GetNextDlgGroupItem
LoadImageW
RegisterClipboardFormatA
FrameRect
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
GetMenuBarInfo
LoadMenuA
ReuseDDElParam
UnpackDDElParam
CopyIcon
CharUpperBuffA
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
InSendMessage
CreateMenu
IsClipboardFormatAvailable
SendNotifyMessageA
GetUpdateRect
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
SubtractRect
DestroyCursor
MapDialogRect
EnumChildWindows
WindowFromDC
GetWindowRgn
GetDCEx
GetTabbedTextExtentW
GetTabbedTextExtentA
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongA
DestroyAcceleratorTable
DestroyIcon
WaitMessage
UnregisterClassA
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
WindowFromPoint
KillTimer
SetTimer
RedrawWindow
SetWindowRgn
DeleteMenu
OffsetRect
GetDialogBaseUnits
RealChildWindowFromPoint
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
LoadCursorA
GetSysColorBrush
ShowOwnedPopups
SetCursor
PostQuitMessage
GetMessageA
ValidateRect
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
IntersectRect
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
GetWindowThreadProcessId
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetParent
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindow
GetClassNameA
LoadBitmapW
UpdateWindow
DrawStateA
GetMenuState
GetMenuStringA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
SetRect
ShowCaret
DrawIcon
GetSystemMetrics
IsIconic
DrawFocusRect
FillRect
GetSysColor
CopyRect
wvsprintfA
ReleaseDC
GetDesktopWindow
wsprintfA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
GetFocus
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
PostMessageA
SetWindowPos
SetWindowLongA
SetParent
EnableMenuItem
CheckMenuItem
ModifyMenuA
GetSubMenu
LoadMenuW
GetWindowRect
ScreenToClient
GetCursorPos
GetDC
AppendMenuA
GetSystemMenu
LoadIconW
EndDialog
FindWindowExA
MessageBoxA
DrawTextA
GetClientRect
InvalidateRect
GetWindowLongA
SendMessageA
EnableWindow
GetClassInfoA
SetCapture
gdi32
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
ExtCreatePen
CreateHatchBrush
CreateFontIndirectA
SetRectRgn
CombineRgn
CreateBitmap
RestoreDC
SetPolyFillMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetROP2
SetViewportOrgEx
DPtoLP
CreateDIBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetCharWidthA
GetCurrentObject
CreatePolygonRgn
GetBkColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
GetDIBits
SetPixel
Rectangle
RoundRect
EnumFontFamiliesExA
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetTextExtentPoint32W
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
SetPixelV
PatBlt
SaveDC
SetBkColor
SetTextColor
GetStockObject
CreateSolidBrush
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetTextColor
CreateRectRgnIndirect
GetTextExtentPoint32A
SetBkMode
SetStretchBltMode
StretchDIBits
CreatePen
BitBlt
GetDIBColorTable
StretchBlt
CreateCompatibleBitmap
CreateDIBSection
GetObjectA
CreateCompatibleDC
SetDIBColorTable
SelectObject
DeleteDC
CreateFontA
GetMapMode
DeleteObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
RegEnumKeyExA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegCloseKey
RegEnumValueA
RegQueryValueA
shell32
DragQueryFileA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
SHGetFileInfoA
ShellExecuteA
ShellExecuteExA
DragFinish
SHBrowseForFolderA
SHGetMalloc
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_DrawEx
ImageList_Remove
shlwapi
PathRemoveFileSpecW
PathIsDirectoryA
PathFindExtensionW
PathFindExtensionA
PathFileExistsA
PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
ole32
OleFlushClipboard
DoDragDrop
StgCreateDocfile
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateFileMoniker
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleSetMenuDescriptor
OleGetClipboard
CoRegisterClassObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleRun
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleIsCurrentClipboard
OleSetClipboard
CoDisconnectObject
CLSIDFromString
StringFromGUID2
CoCreateGuid
CoInitializeEx
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateStreamOnHGlobal
CoTaskMemFree
CoUninitialize
CoInitialize
OleSave
StgCreateDocfileOnILockBytes
PropVariantCopy
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleLockRunning
oleaut32
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SysAllocString
LoadRegTypeLi
LoadTypeLi
SafeArrayAllocData
VariantCopy
SafeArrayGetElement
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VarDateFromStr
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysStringByteLen
SysAllocStringByteLen
RegisterTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayAllocDescriptor
SysFreeString
OleLoadPicture
SystemTimeToVariantTime
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysReAllocStringLen
SysStringLen
SafeArrayDestroyDescriptor
SafeArrayDestroyData
VariantTimeToSystemTime
oledlg
ord8
gdiplus
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipGetImageEncoders
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipGetImageEncodersSize
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGetImageHeight
ws2_32
gethostname
ioctlsocket
accept
__WSAFDIsSet
select
listen
WSAGetLastError
recv
ntohl
ntohs
inet_addr
WSAStartup
recvfrom
gethostbyname
htons
setsockopt
sendto
bind
socket
closesocket
send
inet_ntoa
htonl
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 575KB - Virtual size: 575KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 279KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 217KB - Virtual size: 217KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ