Static task
static1
Behavioral task
behavioral1
Sample
0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2.exe
Resource
win10v2004-20230915-en
General
-
Target
0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2
-
Size
3.5MB
-
MD5
a1a949f3da19758b37f504e55e7ca74e
-
SHA1
2b2c8de34108b4fb81eb11e0663794caf17332b4
-
SHA256
0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2
-
SHA512
964e629b8a772c9d4ae2cc83e2903da813b0e26af582ef168bd05b31996e0341eee291f1b7246991219d42e20a87890059734c3f95346020a9933a953004e61f
-
SSDEEP
98304:FrHy2iqY8b/Uc0Vayb4Iq9znG4YzDqFJNyFr:Fr/YCqVayldqFJNyF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2
Files
-
0a27554bb707b23bdb6ad9f0e1aacf4cc6153ca1bd932487445a43eafc834ab2.exe windows:5 windows x86
0fa1054fa3df72fe01e4869dff1eb4f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
modules
dbg_sys_loop
dbg_sys_quit
dbg_sys_set_quit_flag
dbg_sys_init
kernel32
GetDriveTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetTimeZoneInformation
FindNextFileW
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStringTypeW
LCMapStringW
FormatMessageW
OutputDebugStringW
ReadConsoleW
FindFirstFileExA
GetFullPathNameW
FindFirstFileExW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
Sleep
SearchPathA
GetProfileIntA
GetTempPathA
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
VerifyVersionInfoA
VerSetConditionMask
FindResourceExW
GetTickCount
GetWindowsDirectoryA
SetErrorMode
lstrcpyA
GetCPInfo
GetOEMCP
VirtualProtect
GetAtomNameA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
GetACP
LocalUnlock
LocalLock
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalFlags
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileA
FileTimeToLocalFileTime
GetStringTypeExA
GetThreadLocale
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
LoadLibraryA
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventA
SetEvent
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
FreeResource
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
GetModuleFileNameA
lstrcpynA
CloseHandle
SizeofResource
LoadResource
GetCurrentDirectoryW
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetExitCodeThread
TerminateThread
CreateThread
LockResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
SetConsoleCtrlHandler
WriteConsoleW
CreateFileW
SetCurrentDirectoryW
VirtualQuery
user32
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
CopyRect
MapVirtualKeyA
GetKeyNameTextA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
MapDialogRect
GetWindow
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageA
EnableScrollBar
FrameRect
CopyIcon
PtInRect
UnregisterClassA
SetWindowContextHelpId
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
CallNextHookEx
SetWindowsHookExA
ValidateRect
GetKeyState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
GetDesktopWindow
SetWindowLongA
GetClassLongA
GetClassNameA
GetIconInfo
GetTopWindow
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
SendDlgItemMessageA
SetRectEmpty
OffsetRect
ShowWindow
GetWindowLongA
SetActiveWindow
IsWindowEnabled
GetActiveWindow
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
ScrollWindowEx
SendMessageA
PostMessageA
IsWindow
MoveWindow
SetWindowPos
IsWindowVisible
IsIconic
GetDlgItem
GetDlgCtrlID
SetTimer
KillTimer
EnableWindow
IsZoomed
LoadAcceleratorsA
TranslateAcceleratorA
GetSystemMetrics
LoadMenuW
GetMenu
GetSystemMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuA
DrawIcon
SetForegroundWindow
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
LoadBitmapW
LoadIconW
GetParent
SetFocus
IsRectEmpty
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
SetWindowTextA
IsDialogMessageA
CharUpperA
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorA
IsClipboardFormatAvailable
GetTabbedTextExtentA
MessageBeep
SetRect
GetDialogBaseUnits
CopyImage
DeleteMenu
DestroyIcon
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
LoadCursorW
CharNextA
CopyAcceleratorTableA
InvalidateRgn
IntersectRect
GetNextDlgGroupItem
GetAsyncKeyState
TrackMouseEvent
LoadImageW
BringWindowToTop
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
RegisterClipboardFormatA
DrawFocusRect
DrawIconEx
SetCursorPos
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
GetTabbedTextExtentW
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
GetDCEx
GetUpdateRect
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
UnionRect
GetComboBoxInfo
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleBitmap
CreateFontA
GetCurrentPositionEx
StretchDIBits
GetTextMetricsA
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CombineRgn
GetMapMode
SetRectRgn
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateBitmap
GetCharWidthA
GetWindowExtEx
GetObjectA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
GetJobA
advapi32
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegCloseKey
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
shell32
ExtractIconA
SHGetFileInfoA
SHAddToRecentDocs
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
Shell_NotifyIconA
comctl32
ImageList_AddMasked
ImageList_GetImageCount
ord6
shlwapi
PathFindExtensionA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathFindFileNameA
uxtheme
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
ole32
CoRevokeClassObject
CoRegisterClassObject
PropVariantCopy
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleCreateLinkFromData
OleCreateStaticFromData
OleRun
StringFromGUID2
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryCreateFromData
OleQueryLinkFromData
oleaut32
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantCopy
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocStringLen
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarCyFromStr
SysReAllocStringLen
VarBstrFromDate
VarBstrFromCy
oledlg
ord8
target
target_get_cpu_count
target_is_cpu_available
target_get_cpu_name
target_get_had_version
target_get_endian
target_write_cpu_reg
target_write_had_reg
target_read_had_cpuscr
target_upgrade_firmware
target_get_had_registers_list
target_get_message
target_get_dm_registers_list
target_read_dm_reg
target_write_dm_reg
target_get_link_list
target_get_vendor_list
target_get_target_version
target_execute_script
watchpoint_clear
breakpoint_clear
target_write_memory
target_read_memory
target_read_cpu_reg
target_read_had_reg
target_select_cpu
target_reset
target_single_step
target_halt
target_resume
target_enable_cache_flush
target_get_current_cpu
target_is_multi_cpu
target_is_connected
target_is_ice_connected
target_uninit
target_close
target_open
target_write_had_cpuscr
target_init
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 582KB - Virtual size: 581KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 194KB - Virtual size: 193KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ