Behavioral task
behavioral1
Sample
340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3.exe
Resource
win7-20230831-en
windows7-x64
Behavioral task
behavioral2
Sample
340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3.exe
Resource
win10v2004-20230915-en
windows10-2004-x64
General
-
Target
340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3
-
Size
8.5MB
-
MD5
2fe6d818b97b8721243b8b7cd5d501ce
-
SHA1
f5e435273c0fcb71ddaf5d2421cfd36b0bdca5dd
-
SHA256
340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3
-
SHA512
90105abaab6f8a08e9a1628c8ca258e2d2625ecb598e083436d32a76a2bd56aeda848abc5c9aec2b9caafcbe794c081bee0e9ce4544092247c579af44a9f3b31
-
SSDEEP
196608:J3uJNG4Fqbqcj9zaPjKWb2weR1vAQ9bJr/6T:Bu/G+o025Vq
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3
Files
-
340f5ed2c075ae1623003020a90f5e03705f9bd309f123d30f64db35c4dd8db3.exe windows:5 windows x86
c690506d8f46126147eaaa71e1f0716a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
WriteFile
OutputDebugStringW
ExitProcess
GlobalUnlock
GlobalLock
GlobalAlloc
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetModuleFileNameW
ReadFile
GetFileSize
CreateFileW
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
FreeLibrary
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetDriveTypeW
GetACP
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
VerifyVersionInfoA
GetSystemDirectoryA
FormatMessageA
ExpandEnvironmentStringsA
PeekNamedPipe
GetStdHandle
GetFileType
WaitForMultipleObjects
SleepEx
GetCPInfo
GetStringTypeW
LCMapStringW
QueryPerformanceFrequency
TryEnterCriticalSection
SwitchToThread
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
GetVersionExW
GetCurrentThread
GlobalFindAtomW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
EncodePointer
ResumeThread
SetThreadPriority
GetProcAddress
LoadLibraryW
Sleep
GetLocalTime
GetCurrentThreadId
CreateEventW
SetEvent
GlobalSize
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
GetLastError
SetLastError
OutputDebugStringA
DecodePointer
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DeleteCriticalSection
GetModuleHandleA
GetModuleHandleW
lstrcmpA
GlobalGetAtomNameW
FileTimeToSystemTime
CompareStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentProcessId
GlobalFlags
lstrcmpW
GlobalAddAtomW
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
LoadLibraryExW
LoadLibraryA
lstrcmpiW
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
GetProcAddress
LocalAlloc
LocalFree
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowWindow
ClientToScreen
SetWindowTextW
MessageBeep
ReleaseDC
GetDC
DrawTextW
FillRect
SetWindowPos
GetSystemMetrics
MessageBoxW
MessageBoxA
SendMessageW
wsprintfW
GetAsyncKeyState
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetWindowTextW
GetWindowTextLengthW
UnhookWindowsHookEx
GetSysColor
GetSysColorBrush
LoadCursorW
EnableWindow
IsWindowEnabled
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
SetFocus
SetScrollPos
GetScrollPos
GetWindow
IsWindow
MoveWindow
GetDlgItem
CheckDlgButton
GetDlgCtrlID
GetFocus
SetWindowLongW
IsDialogMessageW
GetWindowRect
PtInRect
GetDesktopWindow
GetClassNameW
RealChildWindowFromPoint
DestroyIcon
CharUpperW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ScreenToClient
RegisterWindowMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetClientRect
AdjustWindowRectEx
MapWindowPoints
CopyRect
EqualRect
GetClassLongW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
PostQuitMessage
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
InflateRect
IntersectRect
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
SetRectEmpty
OffsetRect
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
MapDialogRect
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
KillTimer
InvalidateRect
TrackMouseEvent
LoadImageW
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
BringWindowToTop
SetCursorPos
CopyIcon
FrameRect
DrawIcon
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW
gdi32
PtVisible
RectVisible
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
IntersectClipRect
GetDeviceCaps
CreateDCW
CopyMetaFileW
ExtSelectClipRgn
DeleteObject
CreateFontIndirectW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextExtentPoint32W
GetStockObject
SelectObject
SetTextColor
SetBkColor
MoveToEx
LineTo
TextOutW
TextOutA
CreateCompatibleDC
CreateCompatibleBitmap
SelectPalette
GetWindowExtEx
BitBlt
GetViewportExtEx
SelectClipRgn
SaveDC
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetTextMetricsW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
GetObjectW
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
RestoreDC
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
ShellExecuteA
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindFileNameW
StrFormatKBSizeW
PathFindExtensionW
uxtheme
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
ws2_32
WSAIoctl
getaddrinfo
freeaddrinfo
winmm
PlaySoundW
wldap32
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
xcgui
XModalWnd_Create
XBtn_IsCheck
XSliderBar_GetPos
XEle_SetRectEx
XBtn_SetStyle
XEle_IsShow
XListBox_SetSelectItem
XListBox_CreateAdapter
XRichEdit_EnableReadOnly
XBtn_SetText
XRichEdit_DeleteAll
XShapeText_GetText
XShapeText_GetTextLength
XWnd_SetLayoutSize
XMenu_AddItem
XMenu_Create
XWnd_ShowWindow
XListBox_SetItemData
XBtn_SetIconAlign
XBtn_SetIcon
XBtn_SetTextAlign
XEle_SetTextColor
XEle_Enable
XEle_SetTopmost
XRichEdit_SetDefaultTextColor
XWnd_Create
XWnd_GetBkManager
XBkM_AddFill
XRichEdit_Create
XBtn_Create
XRichEdit_SetCurrentInputTextColor
XRichEdit_EnableMultiLine
XEle_EnableBkTransparent
XEle_EnableMouseThrough
XProgBar_Create
XProgBar_SetRange
XProgBar_SetPos
XProgBar_SetSpaceTwo
XEle_EnableFocus
XImage_LoadMemory
XProgBar_SetImageLoad
XRichEdit_InsertString
XFont_Create2
XAdTable_AddItemText
XAdTable_AddColumn
XWnd_GetHWND
XShapeText_Create
XShapeText_SetTextColor
XShapeText_SetFont
XModalWnd_DoModal
XEle_RedrawEle
XModalWnd_EndModal
_XEle_RemoveEvent
XC_IsHELE
_XEle_RegEvent
_XWnd_RegEvent
XEle_SetUserData
XEle_Create
XBtn_AddBkImage
XImage_LoadMemoryRect
XRichEdit_SetText
XBtn_AddBkBorder
XBtn_AddBkFill
XShapeLine_Create
XRichEdit_SetLimitNum
XListBox_GetItemData
XListBox_GetSelectItem
XAdTable_DeleteItemAll
XListBox_GetAdapter
XRichEdit_GetText
XRichEdit_GetTextLength
XEle_SetFont
XMenu_Popup
XListBox_BindAdapter
XAdTable_Create
XListBox_EnableMultiSel
XListBox_AddItemBkFill
XListBox_Create
XRichEdit_EnableEvent_XE_RICHEDIT_CHANGE
XRichEdit_SetDefaultText
XWnd_KillTimer
XWnd_SetTimer
XEle_GetBkManager
XEle_EnableDrawFocus
XSliderBar_GetButton
XEle_AddBkFill
XSliderBar_SetPos
XSliderBar_SetSpaceTwo
XBtn_SetType
XBtn_SetGroupID
XBtn_SetCheck
XShapePic_Create
XShapeText_SetLayoutWidth
XShapeText_SetTextAlign
XEle_ShowEle
XShapeText_SetText
XWnd_RedrawWnd
XShapePic_SetImage
XEle_GetUserData
XSliderBar_SetButtonWidth
XSliderBar_SetButtonHeight
XSliderBar_SetRange
XSliderBar_SetHorizon
XEle_SetToolTip
XShapeGif_Create
XShapeGif_SetImage
XShape_Destroy
XSliderBar_Create
XRichEdit_EnableAutoWrap
XSView_ShowSBarV
XShape_Redraw
XModalWnd_CreateEx
XImage_GetHeight
XImage_GetWidth
XShapePic_SetLayoutHeight
XShapePic_SetLayoutWidth
XEle_GetHWINDOW
XWnd_CreateCaret
XWnd_SetCaretColor
XWnd_SetCaretPos
XWnd_ShowCaret
XDraw_BitBlt
XDraw_GetOffset
XSView_Create
XEle_GetHWND
XEle_GetWidth
XEle_GetHeight
XSView_SetTotalSize
XSView_ShowSBarH
XSView_SetBorderSize
XEle_PostEvent
_XC_AddType
_XC_BindData
XSView_SetLineSize
XSView_ScrollTop
XEle_SendEvent
XSView_GetLineSize
XSView_GetViewPosH
XSView_GetViewPosV
XSView_GetScrollBarV
XImage_Release
XImage_EnableAutoDestroy
XImage_EnableCenter
XExitXCGUI
XRunXCGUI
XC_EnableDebugFile
XInitXCGUI
XEle_Destroy
XEle_GetRect
_XC_GetBindData
XSBar_GetRange
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
CryptCreateHash
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
RegCloseKey
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
CryptEncrypt
ole32
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoDisconnectObject
CoCreateInstance
oleaut32
wtsapi32
WTSSendMessageW
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 444KB - Virtual size: 444KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.l1 Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE