Static task
static1
Behavioral task
behavioral1
Sample
8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9.exe
Resource
win10v2004-20230915-en
General
Target: 8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9
Size: 2.4MB
MD5: a995372e2730a3dcfa1383db5a5c6887
SHA1: 0f8c510130b0ff235c2123bfb88933dd104d097c
SHA256: 8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9
SHA512: 3376b8ca4544ffbf422e12374ed0379d1ada3ccac9861856f4129764d9402eb28ee6b5045a8bd5f3c05f9b879fe1cabcf6a93fbc2b530a04a9c702cbef22747d
SSDEEP: 24576:4FsOS416k8CCHMTKeJSTsAgaBYftOYSiiJownN61EnHE4WKbTqNxOUSdPe/nEJKj:4/J1CHsJSrgsVqSUyKxJvF5NwkT
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9
Files
8ad09fda3bdbd089dc90e9c77187a7e85b283f5d4e047738bbc71d50182109d9.exe (windows:4, windows x86)
Import hash: e98b82e36ecfb50f455fbcb5921ca924
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetWaitableTimer
CreateWaitableTimerA
GetExitCodeProcess
ReadFile
PeekNamedPipe
CreateProcessA
IsDBCSLeadByteEx
EnterCriticalSection
WriteFile
LeaveCriticalSection
CreateFileA
CreateRemoteThread
GetExitCodeThread
GetLogicalDriveStringsA
DeviceIoControl
GetDriveTypeA
_lclose
IsDebuggerPresent
VirtualProtectEx
GetLastError
SetEndOfFile
GetLongPathNameA
GetStartupInfoA
VirtualProtect
InitializeCriticalSection
ExitProcess
DeleteFileA
GlobalFree
GetCommandLineA
HeapAlloc
WritePrivateProfileStringA
RtlZeroMemory
TerminateThread
GlobalLock
OpenEventA
VirtualFreeEx
WaitForSingleObject
GetProcAddress
GetModuleHandleA
VirtualAllocEx
Sleep
GetProcessHeap
InterlockedIncrement
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeW
Module32First
LCMapStringW
IsBadWritePtr
SetFilePointer
CreateThread
InterlockedDecrement
VirtualQueryEx
GlobalReAlloc
LocalFree
LocalAlloc
Process32Next
Process32First
lstrlenA
GlobalUnlock
ResumeThread
SuspendThread
OpenThread
GetCurrentProcessId
TerminateProcess
GetTimeFormatA
GetDateFormatA
WriteProcessMemory
GetCurrentProcess
MoveFileA
Thread32Next
Thread32First
CreateToolhelp32Snapshot
CopyFileA
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetFileType
GetStdHandle
SetHandleCount
GetACP
HeapSize
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
FlushFileBuffers
GetProcessVersion
FindResourceA
LoadResource
LockResource
GlobalGetAtomNameA
DeleteCriticalSection
GetStringTypeA
HeapReAlloc
HeapFree
IsBadReadPtr
GetUserDefaultLCID
GetFileSize
FindNextFileA
FindFirstFileA
FindClose
GetTickCount
LCMapStringA
GetPrivateProfileStringA
GetEnvironmentVariableA
LoadLibraryA
GetVersionExA
RemoveDirectoryA
GetModuleFileNameA
SetFileAttributesA
RtlFillMemory
GetLocalTime
CreateDirectoryA
CreateEventA
CreatePipe
GlobalAlloc
GlobalAddAtomA
GlobalFindAtomA
SetLastError
GlobalFlags
MulDiv
GetVersion
lstrcpynA
lstrcpyA
lstrcatA
MultiByteToWideChar
GetTempPathA
GetWindowsDirectoryA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
SetProcessWorkingSetSize
MapViewOfFile
OpenProcess
QueryDosDeviceA
RtlMoveMemory
lstrcpyn
GetCurrentThread
GetCurrentThreadId
CloseHandle
ReadProcessMemory
FreeLibrary
FlushInstructionCache
GetCurrentProcess
VirtualProtect
VirtualFree
VirtualQuery
SetFilePointer
GetFileSize
TerminateProcess
SetLastError
GetTimeZoneInformation
GetVersion
SetSystemPowerState
FileTimeToSystemTime
CreateMutexA
ReleaseMutex
TerminateThread
InterlockedIncrement
InterlockedDecrement
LocalFree
FileTimeToLocalFileTime
lstrcpynA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcmpiA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
LocalAlloc
TlsAlloc
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
Thread32Next
GetThreadContext
SetThreadContext
SuspendThread
HeapDestroy
InterlockedExchange
InterlockedCompareExchange
HeapCreate
LoadLibraryW
GetModuleHandleW
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
FindFirstFileA
FindClose
GetFileAttributesA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
GetFileTime
WaitForSingleObject
CloseHandle
GetCurrentThread
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
GetStartupInfoA
RtlUnwind
RaiseException
GetSystemTime
GetLocalTime
HeapSize
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
VirtualAlloc
psapi
GetProcessImageFileNameA
EnumProcesses
GetProcessMemoryInfo
GetModuleFileNameExA
user32
AdjustWindowRectEx
IsWindow
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
GetMenuItemCount
MsgWaitForMultipleObjects
MessageBoxA
GetDesktopWindow
SetActiveWindow
ClipCursor
GetFocus
UnhookWindowsHookEx
GetForegroundWindow
GetWindowThreadProcessId
PostMessageA
GetDlgItem
SwapMouseButton
mouse_event
SendMessageTimeoutA
GetDC
EnableWindow
EnumDisplaySettingsA
LockWorkStation
GetKeyboardState
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
IsDialogMessageA
SendDlgItemMessageA
ReleaseDC
GrayStringA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
SetCapture
SetWindowTextA
GetDlgCtrlID
PtInRect
UnregisterClassA
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
GetClientRect
SetTimer
AttachThreadInput
ReleaseCapture
ValidateRect
GetKeyState
ShowCursor
GetAsyncKeyState
TranslateMessage
DispatchMessageA
EnableMenuItem
RedrawWindow
CharLowerA
CharUpperA
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
GetActiveWindow
IsWindowVisible
GetLastActivePopup
IsWindowEnabled
SetCursor
SendMessageA
PostQuitMessage
wsprintfA
GetMessageA
PeekMessageA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetCursorPos
GetSystemMetrics
CallWindowProcA
RegisterHotKey
OpenIcon
SetWindowRgn
SetWindowPos
SetForegroundWindow
ShowWindow
ChangeDisplaySettingsA
GetClassNameA
FindWindowA
SetClassLongA
LoadCursorFromFileA
MoveWindow
GetWindowRect
UnregisterHotKey
SetWindowLongA
ClientToScreen
GetWindowTextA
CallNextHookEx
GetParent
GetWindowLongA
ModifyMenuA
GetMessagePos
SetLayeredWindowAttributes
SetCursorPos
GetWindow
EnumChildWindows
GetWindowInfo
EnumWindows
BlockInput
ExitWindowsEx
keybd_event
ChildWindowFromPointEx
ScreenToClient
GetMessagePos
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
DrawFrameControl
TranslateMessage
LoadIconA
FrameRect
DrawStateA
MessageBoxW
GetPropW
SetClassLongW
GetClassLongW
PostMessageW
SetPropW
CallNextHookEx
CallWindowProcW
SetScrollPos
DefWindowProcW
SetWindowLongW
RemovePropW
GetDesktopWindow
GetClassNameA
GetDlgItem
CopyRect
GetWindowTextA
GetForegroundWindow
ExitWindowsEx
CallWindowProcA
CreateWindowExA
RegisterHotKey
UnregisterHotKey
SetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
SetWindowsHookExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA
GetSysColorBrush
GetSystemMetrics
GetCursorPos
SetScrollRange
GetScrollRange
UnregisterClassA
SetCapture
GetCapture
ReleaseCapture
LoadBitmapA
WinHelpA
KillTimer
FindWindowExA
SetTimer
MessageBoxA
SetRect
InflateRect
IntersectRect
DestroyIcon
PtInRect
OffsetRect
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
GetAsyncKeyState
IsWindowVisible
GetNextDlgTabItem
shell32
SHFileOperationA
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
DragFinish
advapi32
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
CryptDecrypt
LookupAccountSidA
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
RegSetValueExA
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
SetSecurityInfo
InitializeAcl
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
RegCloseKey
RegCreateKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
OpenProcessToken
shlwapi
PathUnmakeSystemFolderA
PathFindExtensionA
PathIsSystemFolderA
PathMakeSystemFolderA
PathFileExistsA
PathRenameExtensionA
PathIsDirectoryEmptyA
PathRemoveBlanksA
StrFormatByteSize64A
PathIsDirectoryA
PathFindFileNameA
dbghelp
MakeSureDirectoryPathExists
comdlg32
ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW
GetSaveFileNameW
GetFileTitleA
GetFileTitleA
oleaut32
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayGetElemsize
SysFreeString
VarR8FromCy
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
VariantChangeType
SafeArrayDestroyDescriptor
SafeArrayGetDim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantInit
SafeArrayAccessData
UnRegisterTypeLi
LoadTypeLi
LHashValOfNameSys
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantClear
VariantCopy
RegisterTypeLi
iphlpapi
IcmpCloseHandle
IcmpCreateFile
GetNetworkParams
ole32
CLSIDFromProgID
CoCreateInstance
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromString
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoInitialize
OleRun
CoCreateInstance
CoUninitialize
CLSIDFromProgID
OleRun
crypt32
CryptBinaryToStringA
CryptStringToBinaryA
wininet
InternetConnectA
InternetCloseHandle
InternetTimeToSystemTime
HttpOpenRequestA
InternetOpenA
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetGetCookieA
InternetOpenUrlA
InternetTimeFromSystemTime
InternetSetCookieA
InternetGetCookieExA
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
powrprof
SetSuspendState
gdi32
DeleteObject
TextOutA
SetTextColor
SetBkMode
CreateFontIndirectA
SelectObject
CreateRoundRectRgn
GetObjectA
Escape
ExtTextOutA
CreateBitmap
PtVisible
GetDeviceCaps
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkColor
GetStockObject
RestoreDC
SaveDC
DeleteDC
RectVisible
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
CreateBitmap
CreatePatternBrush
SelectObject
CreatePen
PatBlt
CombineRgn
CreateRectRgn
DPtoLP
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
GetPixel
CreateCompatibleDC
Ellipse
Rectangle
BeginPath
LPtoDP
FillRgn
GetTextMetricsA
Escape
ExtTextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
TranslateCharsetInfo
CreateFontA
SetDIBitsToDevice
SetTextColor
SetBkMode
TextOutA
SetBkColor
CreateRectRgnIndirect
CreateDIBSection
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
winhttp
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
CM_Request_Device_EjectW
winmm
mciSendStringA
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutUnprepareHeader
PlaySoundA
waveOutRestart
waveOutPrepareHeader
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
ws2_32
inet_addr
gethostbyname
WSAStartup
gethostname
WSACleanup
WSAAsyncSelect
ntohl
accept
getpeername
recv
closesocket
send
select
WSACleanup
inet_ntoa
WSAStartup
recvfrom
ioctlsocket
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
comctl32
ord17
ord17
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Add
_TrackMouseEvent
oledlg
ord8
msvfw32
DrawDibDraw
avifil32
AVIStreamInfoA
AVIStreamGetFrame
rasapi32
RasGetConnectStatusA
RasHangUpA
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 444KB - Virtual size: 440KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 356KB - Virtual size: 735KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ