Static task: static1
Behavioral task: behavioral1
Sample: 3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7.exe
Resource: win10v2004-20230915-en
General
- Target: 3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7
- Size: 99KB
- MD5: 57bd089b92f4f46bd3c0bce2808482c9
- SHA1: f614ff5af348817e9bd5909bd1824f302b258e5a
- SHA256: 3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7
- SHA512: 3cba430c65352a6418f37c6f54f1249903fefd21f887d0ae02c303a4d635025e97746454150ba227ad96cd43e7cb0a7ed1e3551a1a66fb30e471b5957357725d
- SSDEEP: 3072:0yE2fFToP0R6uS9hebyzoY4uHOqfGG0z:tjRw0R65TFuqf
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7
Files
-
3af860e4ffe1af9d00733da1132f3131c5e0d25086b73f27e3d3148adb2501b7.exe windows:1 windows x86
6f84b533ded224a9bdd8dff4629d8776
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
user32
SetMessageQueue
RegisterClassA
LoadIconA
RegisterWindowMessageA
LoadStringA
InsertMenuA
DeleteMenu
CharToOemA
OemToCharA
CharUpperA
wsprintfA
LoadCursorA
DestroyMenu
GetClassNameA
GetWindowTextA
SetWindowTextA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
PeekMessageA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
GetCursorPos
SetPropA
SetWindowsHookExA
CallNextHookEx
IsWindowVisible
UpdateWindow
SetCursor
MessageBoxA
PostMessageA
SetFocus
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
UnhookWindowsHookEx
DestroyWindow
DefWindowProcA
CallWindowProcA
GetCapture
WinHelpA
AdjustWindowRectEx
SystemParametersInfoA
GetSystemMetrics
SetRect
GetWindowRect
SetWindowPos
SendDlgItemMessageA
GetDlgCtrlID
SendMessageA
IsDialogMessageA
GetSysColor
GetMessagePos
GetMessageTime
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetTopWindow
GetMenu
CreateWindowExA
RemovePropA
SetWindowLongA
GetPropA
SetForegroundWindow
IsWindowEnabled
GetForegroundWindow
GetLastActivePopup
GetWindow
CreateDialogParamA
DialogBoxParamA
DialogBoxIndirectParamA
GetDlgItem
EndDialog
EnableWindow
GetParent
GetWindowLongA
PostQuitMessage
GetDlgItemTextA
SetDlgItemTextA
ShowWindow
gdi32
CreateFontIndirectA
GetDeviceCaps
GetTextExtentPointA
DeleteDC
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
DeleteObject
CreatePen
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
ExtTextOutA
Escape
PtVisible
RectVisible
TextOutA
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
kernel32
SetErrorMode
TlsFree
GetSystemDirectoryA
GetModuleFileNameA
UnhandledExceptionFilter
GetTickCount
GetCommandLineA
GetACP
GetOEMCP
GetCPInfo
ExitProcess
VirtualAlloc
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
RtlUnwind
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
SetConsoleCtrlHandler
CreateThread
ExitThread
RaiseException
SetUnhandledExceptionFilter
lstrcatA
lstrcpyA
GetCurrentDirectoryA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetCurrentProcess
LockFile
UnlockFile
SetEndOfFile
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GlobalLock
GetModuleHandleA
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
lstrcmpiA
lstrlenA
lstrcmpA
GetVersion
TlsAlloc
LocalAlloc
LocalFree
GetLastError
TlsGetValue
SetLastError
LoadLibraryA
GetProcAddress
CloseHandle
ResumeThread
SetThreadPriority
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GetCurrentThread
GetCurrentThreadId
GlobalFree
GlobalDeleteAtom
FreeLibrary
LoadResource
LockResource
FreeResource
GlobalAddAtomA
comdlg32
GetFileTitleA
CommDlgExtendedError
PrintDlgA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
Sections
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_TEXT Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.CRT$XIA Size: 11KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ