Static task: static1
Behavioral task: behavioral1
Sample: edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222.exe
Resource: win10v2004-20231020-en
General
Target: edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222
Size: 1.6MB
MD5: 981548b433b87389e486c12ad948570f
SHA1: faeaf19103f0c8be3ff5ab08d04d439b474dbb95
SHA256: edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222
SHA512: add83e3ce0fec3ed90b38e700b23ff8a9838bf68b4e1a10c6305c4e5ee20c4c7c7fce50f7a18a0fdf01a1e3b09f6200edf29b3436f93c87534fd3b4036565b65
SSDEEP: 24576:6rRAFAjaODEV0BqVT53xZmAnAG8eNIvITcWFt7GaDbU2giIjjyHFS8gee:i2WjaODyTfqeCvIrFt7VbU2g7jygee
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222
Files
edf8e923197a28bc3777408f828ae934e3a94d020230d93b04408118908d4222.exe windows:6 windows x86 arch:x86
4c80a5ae4c298257ac5d5fb4751481a2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpynW
TerminateProcess
IsBadReadPtr
VirtualProtect
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
SetUnhandledExceptionFilter
CloseHandle
lstrlenW
SetLastError
GetTempPathW
GetFullPathNameW
FindNextFileW
FindFirstFileW
FindAtomW
CopyFileW
TerminateThread
Sleep
GetTickCount
GetCommandLineW
ResumeThread
WaitForSingleObjectEx
GetCurrentThread
GetOverlappedResult
CreateNamedPipeW
SetNamedPipeHandleState
DisconnectNamedPipe
ConnectNamedPipe
WriteFile
FindClose
DeleteFileW
GetModuleHandleW
GetCurrentProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
MultiByteToWideChar
lstrcmpiW
LoadLibraryW
FindResourceW
SizeofResource
AddAtomW
LoadResource
GetProcAddress
FreeLibrary
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
ReadFile
CreateFileW
ReleaseMutex
ResetEvent
WideCharToMultiByte
LoadLibraryExW
CreateMutexW
WaitForMultipleObjects
CreateEventW
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetStartupInfoW
CreateProcessW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapFree
HeapReAlloc
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
GetFileAttributesExW
RtlUnwind
GetSystemWindowsDirectoryW
CreateFileA
GetSystemDirectoryW
lstrcmpiA
LockResource
DeleteAtom
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
GetStringTypeW
FormatMessageW
DuplicateHandle
SwitchToThread
GetExitCodeThread
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
LocalFree
GetACP
MulDiv
ExitProcess
FreeResource
GetFileSize
lstrcmpW
SetEndOfFile
SetFilePointer
GetVersion
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GetTempFileNameW
GetLocalTime
UnhandledExceptionFilter
FlushFileBuffers
CreateTimerQueue
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
ReleaseSemaphore
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
DeviceIoControl
lstrcmpA
user32
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
CreateCaret
GetCaretBlinkTime
SetCaretPos
ScreenToClient
MapWindowPoints
IntersectRect
IsRectEmpty
GetParent
GetClassNameW
GetWindow
MonitorFromWindow
RegisterClassW
ShowWindow
ReleaseCapture
SetPropW
GetPropW
LoadImageW
IsIconic
SetWindowRgn
MessageBoxW
SetCapture
CharPrevW
DrawTextW
SetRect
DrawIconEx
GetIconInfo
GetMessagePos
GetDlgCtrlID
DrawFocusRect
FillRect
HideCaret
ShowCaret
ClientToScreen
GetSysColor
GetWindowDC
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
RemovePropW
FindWindowExW
IsWindowEnabled
GetKeyState
GetFocus
IsZoomed
IsWindowVisible
UpdateLayeredWindow
IsChild
FindWindowW
PostMessageW
UnregisterClassW
SendMessageW
MonitorFromPoint
ReleaseDC
GetDC
OffsetRect
UnionRect
InflateRect
SetCursor
wvsprintfW
wsprintfW
EnableWindow
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
GetWindowThreadProcessId
PtInRect
CopyRect
GetWindowRect
GetForegroundWindow
BringWindowToTop
SetWindowPos
AttachThreadInput
SetFocus
GetCursorPos
SetForegroundWindow
MoveWindow
DestroyIcon
LoadIconW
PostQuitMessage
RegisterWindowMessageW
LoadCursorW
SetWindowLongW
GetWindowLongW
KillTimer
SetTimer
DestroyWindow
IsWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
CallWindowProcW
CharNextW
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
advapi32
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
shell32
SHCreateDirectoryExW
Shell_NotifyIconW
ord680
ShellExecuteExW
SHFileOperationW
ole32
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleLockRunning
oleaut32
SafeArrayPutElement
SysStringLen
SysFreeString
SafeArrayCreate
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
VarUI4FromStr
shlwapi
PathCombineW
StrCmpIW
StrStrIW
SHSetValueA
StrCmpNIW
StrTrimA
StrCpyW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
wnsprintfA
SHGetValueA
PathFindFileNameW
SHAutoComplete
StrStrIA
comctl32
ImageList_GetIconSize
InitCommonControlsEx
_TrackMouseEvent
ord17
ImageList_DrawEx
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
urlmon
URLDownloadToCacheFileW
URLDownloadToFileW
secur32
GetUserNameExW
wininet
InternetGetConnectedState
iphlpapi
GetAdaptersInfo
gdi32
GetTextExtentPoint32W
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetStockObject
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
SetDIBColorTable
TextOutW
ExtTextOutW
CreateSolidBrush
GetTextColor
CreateDCW
GetDIBits
SetDIBitsToDevice
msimg32
AlphaBlend
GradientFill
gdiplus
GdipLoadImageFromFile
GdipDrawEllipseI
GdipImageGetFrameDimensionsList
GdipGetImageEncodersSize
GdipGetImagePixelFormat
GdipImageGetFrameDimensionsCount
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdipAddPathArc
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectRectI
GdipDrawImagePointsI
GdipFillPath
GdipGetImageEncoders
GdipAlloc
GdipFree
GdipCreatePath
GdipDeletePath
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipGraphicsClear
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 249KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 182KB - Virtual size: 182KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ