Static task
static1
Behavioral task
behavioral1
Sample
8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15.exe
Resource
win10v2004-20230831-en
General
-
Target
8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15
-
Size
7.0MB
-
MD5
e81257219a00cab7b702bf8f86ad1a05
-
SHA1
cc35be79023529a6614dfc0590c6e6d57e23f203
-
SHA256
8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15
-
SHA512
1299bb9d8e3df2c0e17c2941e5141c0a7f42518c2a22ffbb306f2f9a51dea011946cb1f017d596f29769e28deaec0b842966f9ac807f7f5d11b6257e7ef099e1
-
SSDEEP
98304:9KAMe06yXro+3FNLU6Od814lqhG6ViSF6WsvTEHgFMZL:cAMVXk+3FNYWh9V1F6W4TEHg6L
Malware Config (no extracted configuration is shown for this sample)
Signatures
-
Unsigned PE — 1 IoC
The binary carries no Authenticode signature. Note that a missing signature is only a weak indicator on its own — plenty of legitimate software ships unsigned — so it should be weighed together with the rest of this report rather than treated as evidence of malice by itself.
resource 8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15
Files
-
8888e64a87767209cffecc95243371c7a48adaf6b6f9b6eb85f3c99c18de6a15.exe windows x86
ee80b49de995af3b49fe8a765425cf73
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
skinhu
SkinH_AdjustHSV
SkinH_AttachEx
mfc90u
ord4582
ord6168
ord4248
ord3588
ord6130
ord2551
ord2504
ord6729
ord4457
ord491
ord729
ord5825
ord5982
ord3993
ord3494
ord3131
ord4822
ord1678
ord590
ord795
ord6807
ord3674
ord3933
ord2283
ord781
ord4660
ord778
ord1222
ord6691
ord2676
ord3741
ord3922
ord3688
ord287
ord579
ord5974
ord6040
ord2040
ord3165
ord3014
ord6502
ord6428
ord6427
ord3706
ord3698
ord3386
ord3385
ord3699
ord2592
ord6259
ord2862
ord3145
ord6723
ord1313
ord4455
ord290
ord6347
ord710
ord462
ord2695
ord1932
ord5124
ord1314
ord1925
ord5979
ord3021
ord4741
ord2727
ord4171
ord6349
ord6210
ord4270
ord3146
ord791
ord3665
ord3282
ord316
ord601
ord2539
ord2470
ord2243
ord1145
ord339
ord6577
ord1721
ord5182
ord3486
ord1533
ord2707
ord3627
ord1708
ord1779
ord3656
ord4662
ord2285
ord12404
ord13194
ord9972
ord10457
ord10304
ord13136
ord12165
ord12617
ord7766
ord9965
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord8452
ord4347
ord4996
ord5680
ord5663
ord6018
ord3115
ord4905
ord9272
ord750
ord780
ord6482
ord1186
ord1156
ord1098
ord4211
ord1220
ord7332
ord7138
ord4043
ord4967
ord1943
ord4516
ord4268
ord2046
ord2014
ord785
ord3661
ord3278
ord4663
ord1722
ord1786
ord2286
ord6501
ord6499
ord6698
ord3399
ord826
ord833
ord519
ord518
ord846
ord1759
ord1268
ord4294
ord484
ord5859
ord485
ord2725
ord4410
ord4541
ord3562
ord4657
ord1695
ord692
ord3492
ord3234
ord2632
ord2637
ord2614
ord959
ord4653
ord1666
ord2275
ord4508
ord1602
ord2105
ord6791
ord1488
ord4934
ord6194
ord5497
ord6494
ord3685
ord3687
ord3686
ord3689
ord1325
ord6169
ord525
ord2469
ord6094
ord3231
ord4451
ord3149
ord585
ord788
ord2137
ord5611
ord5403
ord2627
ord5652
ord6794
ord5595
ord1431
ord1425
ord5429
ord1432
ord2227
ord2265
ord2269
ord2288
ord2297
ord2289
ord2078
ord4396
ord5802
ord4320
ord4616
ord6524
ord1723
ord1787
ord3157
ord2097
ord367
ord636
ord3513
ord6174
ord6418
ord5850
ord5863
ord6101
ord6096
ord6183
ord6372
ord6569
ord4579
ord6566
ord6060
ord6572
ord6063
ord2758
ord1353
ord6091
ord6574
ord6547
ord6187
ord2263
ord6095
ord3622
ord6513
ord4351
ord5893
ord3856
ord6780
ord553
ord933
ord3694
ord3589
ord6822
ord5778
ord6811
ord5767
ord1243
ord403
ord939
ord293
ord1553
ord3015
ord3018
ord4251
ord4322
ord2501
ord2490
ord665
ord406
ord6699
ord814
ord1745
ord4295
ord3962
ord4518
ord5794
ord2699
ord1565
ord2531
ord957
ord6737
ord4470
ord6820
ord6359
ord6084
ord2320
ord3017
ord3020
ord3013
ord3657
ord3194
ord400
ord3534
ord2953
ord2955
ord5943
ord5793
ord6493
ord4530
ord2100
ord6197
ord3749
ord1355
ord6196
ord5867
ord2478
ord4490
ord4774
ord1354
ord654
ord3528
ord4044
ord633
ord3511
ord1674
ord2479
ord12270
ord10468
ord1868
ord4519
ord9510
ord7146
ord3488
ord3543
ord2106
ord1183
ord3537
ord6848
ord9351
ord6659
ord1603
ord899
ord4494
ord6013
ord4405
ord2596
ord6171
ord4262
ord6355
ord4266
ord6275
ord2326
ord691
ord3560
ord1692
ord1772
ord693
ord3563
ord3252
ord4658
ord2280
ord3183
ord1944
ord1250
ord1254
ord4543
ord6065
ord4265
ord2595
ord2593
ord616
ord3497
ord1668
ord1769
ord6687
ord4131
ord6666
ord6170
ord6813
ord1552
ord5770
ord3187
ord6079
ord5535
ord6281
ord663
ord404
ord6514
ord1357
ord2038
ord776
ord3489
ord1665
ord611
ord3652
ord3275
ord4652
ord1717
ord2274
ord3658
ord6137
ord2130
ord3577
ord2282
ord4512
ord615
ord3496
ord4654
ord1667
ord2277
ord4510
ord1601
ord2103
ord580
ord782
ord5939
ord799
ord1047
ord3338
ord801
ord3794
ord374
ord639
ord1272
ord1108
ord1137
ord3361
ord266
ord2209
ord265
ord3360
ord664
ord5897
ord5891
ord1855
ord4309
ord4254
ord6172
ord6512
ord2351
ord1365
ord5845
ord480
ord3807
ord6218
ord2197
ord5773
ord702
ord453
ord3054
ord4306
ord1420
ord481
ord2152
ord3191
ord6817
ord770
ord569
ord2372
ord1383
ord2901
ord6515
ord2532
ord2757
ord711
ord463
ord1707
ord2571
ord792
ord587
ord3953
ord1261
ord320
ord6693
ord4407
ord4408
ord402
ord766
ord3639
ord3868
ord3498
ord3236
ord5166
ord4630
ord2207
ord340
ord1255
ord2141
ord4399
msvcr90
swscanf
_mktime64
_localtime64_s
_wfopen_s
fwrite
fclose
malloc
_resetstkoflw
free
_wcstoui64
_time64
srand
wcsftime
strcpy_s
memcpy_s
swprintf_s
__RTDynamicCast
__CxxFrameHandler3
_CxxThrowException
memset
memcmp
_vswprintf
wcscpy_s
_CIcos
_CIsin
_CItan
_CIsqrt
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
memcpy
calloc
realloc
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
strpbrk
sprintf_s
memmove
_wcsnicmp
_wcserror
strncpy
wcsncmp
wcschr
fread
ftell
fseek
_wfopen
wcstoul
_purecall
_wcsnset
wcsncpy
_vsnprintf_s
_wcsicmp
wcsrchr
memmove_s
wcstol
_errno
_wtof
wcsstr
rand
ceil
_wtoi
kernel32
GetLastError
LoadLibraryW
GetModuleHandleW
GetProcAddress
Sleep
DeleteFileW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
FindFirstFileW
FindClose
lstrlenW
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
MulDiv
CreateDirectoryW
FreeLibrary
CreateMutexW
GetFileAttributesW
GetTempPathW
GetSystemDefaultLangID
GetCurrentProcess
TerminateProcess
LoadLibraryExW
MultiByteToWideChar
CopyFileW
CreateThread
WritePrivateProfileStringW
lstrcpyW
GetACP
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
GetTickCount
GetLogicalDriveStringsW
GetDriveTypeW
GetVolumeInformationW
GetPrivateProfileIntW
CreateFileW
SetLastError
GetVersion
GetVersionExW
GetCPInfo
lstrcmpiW
lstrcpynW
lstrcmpW
GlobalReAlloc
GlobalSize
lstrcatW
WinExec
GetWindowsDirectoryW
GetVersionExA
GetSystemTime
SetThreadPriority
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreW
SetEvent
CreateEventW
ResetEvent
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
GetProcessHeap
HeapFree
GetSystemInfo
VirtualAlloc
VirtualFree
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetThreadPriority
GetCurrentThread
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GlobalFree
GetPrivateProfileStringW
GetCurrentProcessId
ReleaseSemaphore
user32
GetClassInfoW
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageW
CloseWindow
GetWindowTextW
IsWindowEnabled
ChildWindowFromPoint
EqualRect
SetRectEmpty
CopyIcon
MoveWindow
IsRectEmpty
GetDoubleClickTime
GetCapture
ClipCursor
InvertRect
GetFocus
IsClipboardFormatAvailable
GetClassNameW
SetWindowRgn
SetWindowTextW
UnregisterClassW
DestroyWindow
RegisterClassW
DefWindowProcW
EndPaint
BeginPaint
GetWindowDC
CreateWindowExW
CreateCursor
GetMessagePos
RedrawWindow
CreateIconIndirect
GetIconInfo
DrawStateW
DrawFocusRect
OffsetRect
InflateRect
FrameRect
GetActiveWindow
GetNextDlgTabItem
IsMenu
DestroyCursor
GetSysColorBrush
CreateMenu
GetMenuState
TabbedTextOutW
DrawTextExW
GrayStringW
DrawEdge
CopyRect
GetSysColor
IntersectRect
SetLayeredWindowAttributes
DrawIconEx
DispatchMessageW
TranslateMessage
PeekMessageW
SetWindowLongW
GetWindowLongW
ShowWindow
LoadCursorW
SetCursor
ReleaseCapture
SetCapture
mouse_event
WindowFromPoint
PrintWindow
GetAsyncKeyState
PtInRect
ClientToScreen
ScreenToClient
RemoveMenu
GetMenuItemID
GetMenuItemCount
GetMenu
GetMenuItemInfoW
SetWindowPos
SetParent
DrawIcon
IsIconic
GetDesktopWindow
SetMenuItemBitmaps
CheckMenuItem
ModifyMenuW
EnableMenuItem
LoadImageW
SystemParametersInfoW
MessageBoxW
PostMessageW
GetSystemMetrics
IsWindow
ShowScrollBar
ReleaseDC
GetCursorPos
GetKeyState
DrawTextW
FillRect
GetDC
DeleteMenu
GetSubMenu
LoadMenuW
SetActiveWindow
FindWindowW
SetRect
IsWindowVisible
GetWindowRect
AppendMenuW
CreatePopupMenu
UpdateWindow
InvalidateRect
KillTimer
GetParent
GetClientRect
EnableWindow
SetTimer
SendMessageW
DestroyIcon
LoadBitmapW
LoadIconW
RegisterWindowMessageW
gdi32
Polygon
BitBlt
GetPixel
Rectangle
GetTextExtentPoint32W
MoveToEx
LineTo
GdiTransparentBlt
StretchBlt
SetBkColor
TextOutW
Ellipse
CreateDIBSection
EnumFontFamiliesW
GetDIBits
GetBkMode
Escape
ExtTextOutW
RectVisible
PtVisible
PatBlt
CreateRectRgn
CombineRgn
OffsetRgn
FillRgn
RoundRect
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
BeginPath
EndPath
StrokeAndFillPath
StrokePath
PlgBlt
GdiFlush
SetTextCharacterExtra
GetCurrentObject
GetTextColor
GetTextMetricsW
GetBkColor
CreateFontW
SetDIBits
SetTextJustification
SelectClipRgn
StretchDIBits
CreatePen
SetPixel
SetStretchBltMode
CreateBitmap
GetDeviceCaps
GetStockObject
SetTextColor
CreateFontIndirectW
CreateSolidBrush
SetBkMode
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetObjectW
DeleteObject
msimg32
AlphaBlend
TransparentBlt
advapi32
RegEnumValueW
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegCreateKeyW
RegSetValueW
RegQueryValueW
RegOpenKeyExW
shell32
ShellExecuteA
ord71
SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
comctl32
_TrackMouseEvent
ord17
ImageList_GetImageCount
ImageList_GetIcon
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFileExistsW
PathIsDirectoryW
PathFindExtensionW
ole32
CoFreeUnusedLibraries
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoTaskMemFree
oleaut32
VarUdateFromDate
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
gdiplus
GdipDrawImageRectRectI
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromFile
GdipDrawImagePointRectI
GdipFillRectangleI
GdipDrawString
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFontFromDC
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipLoadImageFromStream
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdiplusShutdown
GdipCreateFontFromLogfontW
msvcp90
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?uncaught_exception@std@@YA_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
listenled
LS_RefreshNeiMaArea
LS_MultiSend
LS_MultiSendOne
LS_MultiUpdateCPU
LS_MultiUpdateFPGAfpu
LS_MultiUpdateFPGA
LS_BrightnessControl
LS_LedTest
LS_TimeBrightnessControl
LS_AutoBrightnessControl
LS_TimePowerOnOff
LS_MultiUpdateWifiCpu
LS_MultiSendFont
LS_CreateProgramEx
LS_AddProgram
LS_SetProgramTime
LS_AddWaterBorder
LS_AddNeiMaArea
LS_AddImageTextArea
LS_LedShudownServer
LS_AddImageTextAreaDataFromFile
LS_AddTemperatureArea
LS_AddDynamicArea
LS_AddClockArea
LS_AddDigitalClockArea
LS_AddTimeArea
LS_AddTime2Area
LS_AddLunarArea
LS_AddVoiceArea
LS_AddQRArea
LS_AddImageTextAreaDataFromFileEx
LS_AddSimpleBackToImageTextArea
LS_GetWorkTime
LS_DeleteProgram
LS_IsProgramChanged
LS_Send
LS_ProgramFilePath
LS_SetLedAllSettingInfo
LS_PowerOnOff
LS_AdjustTime
LS_ReadBackProgram
LS_LedInitServer
LS_RegisterLedServerCallback
LS_CancelLocker
LS_TimeLocker
LS_SetLedCommunicationInfo
LS_SmartSet
LS_SearchLedToList
LS_GetLedSettingInfo
LS_SetFullColorScanLine
LS_SetGamma
LS_SetLedSettingInfo
LS_CancelSend
winmm
timeKillEvent
timeBeginPeriod
timeEndPeriod
timeSetEvent
timeGetTime
iphlpapi
GetAdaptersInfo
ws2_32
inet_addr
inet_ntoa
ntohl
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 298KB - Virtual size: 297KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.0MB - Virtual size: 5.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ