Static task: static1
Behavioral task: behavioral1
Sample: a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f.exe
Resource: win10v2004-20231023-en
General
Target: a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f
Size: 364KB
MD5: 82998af256bdcca32ff68ced996459fa
SHA1: d3c269666efce31d05d7ca04c3785c0549b2c657
SHA256: a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f
SHA512: 04db7b6a3abe2ff394ce134544fe5bdbe7607a22f3fed16273c2473e2244247561f4a8b3929e1902482c5bead235d894dc6ca510fd34c3ff4f78acb02e2605f5
SSDEEP: 6144:M5JUTCqv3EvQfIJRCdagscLWZl6sCBjLh4BHaJojwD6htRVDEfJJDprio:kqvJIr1R0sCBPSBpwDaRFEFd
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f
Files
a157552da52aabb588358d955beb408d20f591850464953fe17e3324159c3e2f.exe windows:5 windows x86
a9f047cda29769c094ed0a330958a492
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ReleaseCapture
GetMenuDefaultItem
EnableScrollBar
RegisterShellHookWindow
GetOpenClipboardWindow
WaitForInputIdle
DeferWindowPos
DdeImpersonateClient
RegisterHotKey
MonitorFromPoint
MoveWindow
DefFrameProcW
GetWindowContextHelpId
GetProcessDefaultLayout
GetKeyState
GetClassLongA
EndDeferWindowPos
ScrollWindow
RedrawWindow
DefDlgProcW
GetDC
ReleaseDC
ExitWindowsEx
GetWindowRect
SetForegroundWindow
OffsetRect
BringWindowToTop
SystemParametersInfoW
GetDesktopWindow
SetWindowPos
CopyRect
GetWindowThreadProcessId
DestroyWindow
SetTimer
GetMessageW
PostQuitMessage
LoadImageW
PostMessageW
KillTimer
TranslateMessage
IsDialogMessageW
LoadIconW
GetDlgItem
EndDialog
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
CreateDialogParamW
SetDlgItemTextW
SendMessageW
UpdateWindow
DispatchMessageW
CharNextW
FindWindowW
LoadStringW
GetDlgCtrlID
SetWindowLongA
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
LoadStringA
DispatchMessageA
CreateWindowExA
CallWindowProcA
CharPrevA
advapi32
RegSetValueExW
LookupPrivilegeValueW
DuplicateTokenEx
OpenProcessToken
RegNotifyChangeKeyValue
QueryServiceStatusEx
RegCreateKeyExW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
gdi32
GetViewportOrgEx
DrawEscape
GetCurrentPositionEx
SetArcDirection
GetDeviceGammaRamp
FrameRgn
DeleteEnhMetaFile
OffsetRgn
SetViewportOrgEx
EnumEnhMetaFile
GetOutlineTextMetricsA
PlgBlt
IntersectClipRect
EndDoc
CheckColorsInGamut
GetDCBrushColor
GetGlyphOutlineA
GetArcDirection
SetPixel
kernel32
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetHandleCount
GetStartupInfoA
HeapAlloc
HeapReAlloc
TlsAlloc
GetDateFormatA
GetTimeFormatA
EncodeSystemPointer
GetThreadContext
GetThreadTimes
SetMailslotInfo
TransmitCommChar
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
TlsFree
GetCurrentThreadId
HeapFree
GetTimeZoneInformation
HeapCreate
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTimeAsFileTime
TlsSetValue
CreateDirectoryA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetEnvironmentVariableA
GetFileAttributesA
GetFullPathNameA
GetLocaleInfoA
GetModuleFileNameA
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
LoadResource
LockResource
RemoveDirectoryA
SetLastError
SizeofResource
VirtualProtect
VirtualQuery
CreateFileA
GetFileType
GetSystemTime
GetStdHandle
RaiseException
RtlUnwind
SetEndOfFile
GetCommandLineA
TlsGetValue
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
MulDiv
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
lstrcmpA
RemoveDirectoryW
lstrcpyA
GetVersion
GetSystemDirectoryW
GetVersionExW
lstrcpyW
OpenProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
CreateDirectoryW
GetLastError
GetFileAttributesW
Sections
.rdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text4 Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text1 Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 196KB - Virtual size: 195KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ