Static task: static1
Behavioral task: behavioral1 - Sample: dac.exe - Resource: win7-20231020-en
Behavioral task: behavioral2 - Sample: dac.exe - Resource: win10-20231129-en
Behavioral task: behavioral3 - Sample: dac.exe - Resource: win10v2004-20231127-en
Behavioral task: behavioral4 - Sample: dac.exe - Resource: win11-20231128-en
General
Target: dac.exe
Size: 22.6MB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dac.exe
Files
dac.exe.exe windows:5 windows x64 arch:x64
672101713233a22dba472bfbdc361145
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
WriteConsoleW
IsValidCodePage
SetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetVersion
HeapSetInformation
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
RtlPcToFileHeader
RaiseException
HeapReAlloc
EncodePointer
RtlUnwindEx
RtlLookupFunctionEntry
DecodePointer
ExitProcess
HeapAlloc
HeapFree
GetStartupInfoW
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
InitializeCriticalSectionAndSpinCount
GetTempPathW
GetTempFileNameW
SetErrorMode
GetNumberFormatW
GetWindowsDirectoryW
lstrcpyW
GetCurrentDirectoryW
lstrlenA
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileAttributesExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileW
CreateFileW
lstrcmpiW
GlobalGetAtomNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
WaitForSingleObject
SetThreadPriority
CloseHandle
GetCurrentProcessId
GetModuleFileNameW
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
MulDiv
WideCharToMultiByte
lstrlenW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
FreeLibrary
CompareStringW
LoadLibraryW
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
lstrcmpW
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
SuspendThread
ResumeThread
LoadLibraryA
GetProcAddress
GetCurrentThreadId
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
user32
LoadMenuW
IntersectRect
UnregisterClassW
DestroyIcon
ReleaseCapture
WindowFromPoint
SetCapture
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
CharUpperW
LoadCursorW
GetSysColorBrush
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
RealChildWindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
ShowOwnedPopups
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
SetTimer
WaitMessage
KillTimer
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
HideCaret
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
RedrawWindow
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetWindowRect
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
EnableScrollBar
NotifyWinEvent
MessageBeep
SetWindowPlacement
GetWindowPlacement
EnableWindow
PostThreadMessageW
PostQuitMessage
OffsetRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetWindowRgn
DestroyCursor
GetIconInfo
SubtractRect
CopyImage
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
GetUpdateRect
GetParent
GetNextDlgTabItem
EndDialog
GetSystemMetrics
LoadIconW
InvalidateRect
GetClientRect
IsIconic
EnableMenuItem
CheckMenuItem
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
GetAsyncKeyState
InvertRect
GetWindowLongPtrW
DrawFocusRect
FrameRect
IsClipboardFormatAvailable
SendMessageW
SetMenuDefaultItem
CreateMenu
IsWindow
DrawIcon
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
DrawEdge
DrawStateW
GetSystemMenu
SetClassLongPtrW
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageW
GetWindowTextW
MapDialogRect
gdi32
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetLayout
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceW
GetClipBox
SetLayout
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateBitmap
GetObjectW
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
RealizePalette
ExcludeClipRect
SetBkColor
CombineRgn
SetTextColor
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
shell32
DragFinish
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
SHBrowseForFolderW
SHAppBarMessage
DragQueryFileW
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
ole32
DoDragDrop
ReleaseStgMedium
OleLockRunning
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
SysAllocString
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
ws2_32
ntohs
inet_ntoa
WSAStartup
WSACleanup
gethostbyname
closesocket
htonl
inet_addr
htons
accept
socket
select
bind
WSAGetLastError
WSASetLastError
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
gethostname
msvfw32
DrawDibClose
DrawDibEnd
DrawDibDraw
winmm
PlaySoundW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 532KB - Virtual size: 531KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20.4MB - Virtual size: 20.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ