Sample
e14927c41fb97ee56b2dceb9de78fa5365ec3ac3466584083fa5f9a34f1d87b1.exe
Resource
win7-20231023-en
General
-
Target
e14927c41fb97ee56b2dceb9de78fa5365ec3ac3466584083fa5f9a34f1d87b1
-
Size
5.5MB
-
MD5
18c677ca599b4885e4b7865fa81c1a31
-
SHA1
9cdf3f9f2a53e0f63f138a930e58802f24819385
-
SHA256
e14927c41fb97ee56b2dceb9de78fa5365ec3ac3466584083fa5f9a34f1d87b1
-
SHA512
c40a79cd9c8fb1f551779cc534c5d5e0de46dacb26560890e6d6059cf7144b5c52da6137b3284049cf510b08cf10fdb6d0228d765fa67b207014de16602ddcce
-
SSDEEP
98304:X0XoiaxZfWiUXcWejRVMDhe6yH1ugfHseGKtPDw50E1iTSWqf16yagCs3JZ:EXout6VIs6yH1BfQ1iyXaKZ
Malware Config (no extracted configuration is listed in this report)
Signatures
-
Unsigned PE (1 IoC)
The sample carries no Authenticode signature. On its own this is a weak indicator — many legitimate binaries are unsigned — but it means publisher identity cannot be attributed and signature-based allow-listing (WDAC/AppLocker publisher rules) will not cover it.
resource e14927c41fb97ee56b2dceb9de78fa5365ec3ac3466584083fa5f9a34f1d87b1
Files
-
e14927c41fb97ee56b2dceb9de78fa5365ec3ac3466584083fa5f9a34f1d87b1.exe windows:5 windows x64 arch:x64
06dd3e7bcfb33900b25f9b512af38362 (unlabeled 32-hex digest; it differs from the file MD5 above and is presumably the import hash (imphash) — confirm the field label before pivoting on it)
Headers
DLL Characteristics (DYNAMIC_BASE = ASLR and NX_COMPAT = DEP are set; no GUARD_CF or HIGH_ENTROPY_VA flag is listed for this x64 image)
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports (notable families present below: advapi32 CryptoAPI including CryptEncrypt/CryptImportKey/CryptGenRandom, registry write/delete APIs RegSetValueExA/RegDeleteKeyA/RegDeleteValueA, ws2_32 with both client-side connect/getaddrinfo and server-side bind/listen/accept, wldap32 imported only by ordinal, and user32 SetWindowsHookExA. The ws2_32 + wldap32 + crypt32 + SleepEx/VerifyVersionInfoA set resembles a statically linked libcurl, and the large user32/gdi32/oleacc/imm32 set resembles statically linked MFC — treat individual imports as context, not as indicators, until the resolved call sites are reviewed.)
kernel32
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
CopyFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
GetACP
LocalAlloc
TlsGetValue
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
GetCPInfo
GetOEMCP
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetWindowsDirectoryA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
SearchPathA
GetTickCount
GetProfileIntA
Sleep
VirtualProtect
FindResourceExW
HeapFree
EncodePointer
DecodePointer
ExitProcess
HeapAlloc
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapReAlloc
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapSetInformation
HeapCreate
SetHandleCount
GetStdHandle
GetStartupInfoW
GetConsoleCP
GetConsoleMode
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
IsValidCodePage
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
CompareStringW
WriteConsoleW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetCurrentProcessId
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetModuleFileNameW
ReleaseActCtx
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetModuleHandleA
FreeLibrary
GetProcAddress
CompareStringA
LoadLibraryW
LoadLibraryA
ActivateActCtx
DeactivateActCtx
SetLastError
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
FreeResource
lstrcmpiA
GetVersion
GetFileInformationByHandle
GetDriveTypeA
FindFirstFileExA
GetCurrentDirectoryW
SetFileTime
CreateDirectoryA
GetFileAttributesA
LocalFileTimeToFileTime
lstrcatA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetLastError
lstrlenA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
GetCurrentProcess
DeleteFileA
GetDriveTypeW
user32
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
DestroyIcon
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
MonitorFromPoint
GetSystemMenu
IsMenu
IsRectEmpty
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatA
DrawStateA
CopyImage
LoadImageW
GetMenuDefaultItem
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
GetIconInfo
GetNextDlgGroupItem
DrawIconEx
DrawEdge
DrawFrameControl
SetRect
SetCursorPos
UnionRect
UpdateLayeredWindow
SetMenuDefaultItem
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
IsClipboardFormatAvailable
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffA
CopyIcon
SubtractRect
CreateMenu
GetDoubleClickTime
MapDialogRect
GetWindowRgn
DestroyCursor
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
LoadCursorW
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
SetClassLongPtrA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetAsyncKeyState
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
EnableWindow
LoadIconW
WindowFromPoint
SetCapture
SendMessageA
GetSystemMetrics
GetWindowRect
OffsetRect
GetDC
RealChildWindowFromPoint
IntersectRect
CharUpperA
DestroyMenu
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
GetSysColorBrush
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsW
PeekMessageA
DestroyAcceleratorTable
SystemParametersInfoA
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyA
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
wsprintfA
LoadCursorA
SetCursor
ReleaseDC
GetDesktopWindow
GetCursorPos
GetSubMenu
LoadMenuW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsWindowVisible
DrawIcon
GetClientRect
IsIconic
EnumDisplayMonitors
SetLayeredWindowAttributes
SetRectEmpty
KillTimer
SetTimer
InvalidateRect
DeleteMenu
WaitMessage
PostMessageA
ReleaseCapture
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GetWindowLongPtrA
gdi32
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
DeleteDC
SelectClipRgn
CreateCompatibleBitmap
BitBlt
DeleteObject
GetObjectA
CreateDIBSection
SelectObject
Rectangle
ExcludeClipRect
GetClipBox
SetMapMode
CreateCompatibleDC
SetPixelV
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
SetTextColor
GetTextFaceA
SetPaletteEntries
ExtFloodFill
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
LPtoDP
GetWindowOrgEx
EnumFontFamiliesExA
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreatePolygonRgn
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
SetPixel
StretchBlt
RealizePalette
GetDIBits
SetDIBColorTable
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetTextColor
CreateRoundRectRgn
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
OffsetRgn
GetRgnBox
SetBkColor
shell32
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
oleaut32
SysFreeString
SysStringLen
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
gdiplus
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusStartup
GdipDrawImageI
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
comdlg32
GetFileTitleA
advapi32
CryptReleaseContext
CryptImportKey
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptEncrypt
ole32
ReleaseStgMedium
CoCreateGuid
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleGetClipboard
DoDragDrop
OleLockRunning
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
wldap32
ord30
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord143
ord26
ord50
ord60
ord211
ord22
ws2_32
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
getsockopt
getpeername
closesocket
socket
connect
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
ioctlsocket
gethostname
htonl
ntohl
crypt32
CertFreeCertificateContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 590KB - Virtual size: 589KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.9MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB (non-standard section name without the leading dot, distinct from the .text section above; flagged EXECUTE without READ — worth inspecting for packer or loader stubs)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB (non-standard section name without the leading dot, distinct from the .data section above)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 102KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ