Static task: static1
Behavioral task: behavioral1
Sample: Download_Ready-796873.zip
Resource: win11-20231128-en
Behavioral task: behavioral2
Sample: Installs_2023.exe
Resource: win11-20231129-en
General
Target: Download_Ready-796873.zip
Size: 22.6MB
MD5: dcc9371596ca693b7d39053b6b3157d3
SHA1: fe99c63929237b6095c191ee12dbaeeda101b6e4
SHA256: 6f8e56c725d81a22d515ac29679615750a09196de6c4d7a12b215e21b4eb5a7d
SHA512: 1e6c3ce27707a5e97741a41f5f8bad727b47b41252784463bfee37db15dece4a9773b5efed64a7788b34de5e656a88fe728bd6222726ce9e06db00331de713c1
SSDEEP: 393216:RlHJ/f3O/6QFPzsxhnwroPCWw7TUQw+qI+8o1yGgNVtXx30MJyzzEzuYjJOh:HHPG7voPCWw7piiRDyoNIh
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource unpack001/Installs_2023.exe
Files
Download_Ready-796873.zip.zip
Installs_2023.exe.exe windows:6 windows x86 arch:x86
c823d7d0f1689900248afc078f874eea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
Sleep
ExpandEnvironmentStringsW
GetSystemTime
SwitchToFiber
GetCommandLineA
SystemTimeToFileTime
InitializeCriticalSectionEx
SystemTimeToTzSpecificLocalTime
LCMapStringEx
GetConsoleMode
TlsFree
GetConsoleOutputCP
GlobalAlloc
GetTempPathW
CreateEventW
GetVersionExW
FindNextFileW
OutputDebugStringW
LeaveCriticalSection
HeapSize
GetProcessHeap
TlsAlloc
GetTimeFormatW
SetLastError
FillConsoleOutputCharacterW
PeekNamedPipe
WriteConsoleA
MoveFileExW
LoadLibraryW
CreateThread
HeapFree
GetOEMCP
GetACP
TlsGetValue
FindResourceW
GlobalFree
GetFullPathNameW
GetUserDefaultUILanguage
GetLocaleInfoW
FreeLibrary
SetConsoleMode
DeleteCriticalSection
GetUserDefaultLCID
DeleteFiber
ResumeThread
FileTimeToSystemTime
FindFirstFileExW
GetModuleHandleW
GlobalLock
QueryPerformanceCounter
FindClose
CreateFiber
WriteFile
GetCurrentThread
SetNamedPipeHandleState
GetDriveTypeW
SetEvent
WideCharToMultiByte
SetConsoleCursorPosition
GetModuleFileNameW
FindFirstFileW
TlsSetValue
ReleaseSRWLockExclusive
GetTimeZoneInformation
FreeEnvironmentStringsW
CreateProcessW
GetSystemDirectoryW
GetFileInformationByHandle
GetLogicalDriveStringsW
CreatePipe
GetStringTypeW
SetThreadPriority
CopyFileW
SetHandleInformation
EncodePointer
GetLongPathNameW
lstrlenA
CompareStringW
GetCurrentThreadId
CreateDirectoryW
WaitForMultipleObjects
FreeLibraryAndExitThread
GetNativeSystemInfo
InitializeCriticalSection
IsDebuggerPresent
GlobalHandle
GetFileAttributesExW
GetFileAttributesW
GetEnvironmentVariableW
GetCommandLineW
GetModuleHandleExW
SetUnhandledExceptionFilter
ReadConsoleA
GetCurrentProcess
IsValidLocale
SetFilePointerEx
GetEnvironmentVariableA
ResetEvent
SetConsoleCtrlHandler
GetStartupInfoW
AttachConsole
SetEnvironmentVariableW
WaitForSingleObjectEx
LocalFree
GetCurrentDirectoryW
LCMapStringW
LoadResource
RtlUnwind
ReadConsoleW
CompareFileTime
HeapAlloc
LoadLibraryExW
CreateMutexW
IsProcessorFeaturePresent
FormatMessageW
GlobalSize
GetSystemTimeAsFileTime
SetEndOfFile
GetFileType
CloseHandle
GetTempFileNameW
RaiseException
WaitForSingleObject
GetModuleHandleA
DecodePointer
GetDateFormatW
SizeofResource
GetCPInfo
FreeConsole
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
MultiByteToWideChar
ReadFile
UnhandledExceptionFilter
EnumSystemLocalesW
EnterCriticalSection
FlushFileBuffers
ConvertFiberToThread
ExitThread
SetErrorMode
GetTickCount64
LockResource
GlobalUnlock
InitializeSListHead
DeleteFileW
GetTickCount
GetStdHandle
TerminateProcess
IsValidCodePage
LoadLibraryA
lstrcatA
GetCurrentProcessId
GetProcAddress
GetFileSizeEx
SetStdHandle
AcquireSRWLockExclusive
ReadConsoleOutputCharacterA
MulDiv
SetCurrentDirectoryW
GetExitCodeProcess
VerSetConditionMask
GetConsoleScreenBufferInfo
SleepEx
ExitProcess
ConvertThreadToFiber
GetLastError
WriteConsoleW
VerifyVersionInfoW
QueryPerformanceFrequency
HeapReAlloc
user32
WaitForInputIdle
DdeGetLastError
FindWindowExW
GetWindow
DrawFocusRect
GetCaretBlinkTime
EnumDisplayMonitors
RegisterClassW
DdeFreeDataHandle
DrawTextW
DrawMenuBar
IsClipboardFormatAvailable
SetForegroundWindow
CreateIconIndirect
CreateWindowExW
SetFocus
SetCursor
MonitorFromWindow
CreatePopupMenu
InvalidateRect
InsertMenuW
GetSysColorBrush
GetAsyncKeyState
DispatchMessageW
EndPaint
TranslateMessage
ValidateRgn
ReleaseDC
UpdateWindow
EnableMenuItem
GetClientRect
WindowFromPoint
HideCaret
GetIconInfo
ValidateRect
ScrollWindow
SetMenu
DdeUninitialize
GetCursorPos
RedrawWindow
GetProcessDefaultLayout
RegisterHotKey
SetLayeredWindowAttributes
ChangeDisplaySettingsExW
CallNextHookEx
DdePostAdvise
DefWindowProcW
MessageBoxW
DdeFreeStringHandle
EnumDisplaySettingsW
SendMessageW
GetParent
GetClassNameW
GetDesktopWindow
DestroyCursor
CreateDialogParamW
MessageBeep
GetSystemMenu
DdeGetData
SetScrollInfo
ClientToScreen
PtInRect
EnableScrollBar
DdeCreateStringHandleW
SetMenuInfo
VkKeyScanW
SetParent
IsZoomed
MsgWaitForMultipleObjects
CallWindowProcW
UnhookWindowsHookEx
GetWindowRect
GetMessagePos
GetSubMenu
GetWindowTextLengthW
SetWindowLongW
SetWindowTextW
LoadImageW
LoadIconW
RemoveMenu
MapVirtualKeyW
GetCapture
SetWindowsHookExW
SetRectEmpty
KillTimer
InsertMenuItemW
SetCapture
CreateAcceleratorTableW
GetMenuState
UnregisterHotKey
ChildWindowFromPointEx
IsWindowVisible
RegisterWindowMessageW
GetMonitorInfoW
CreateDialogIndirectParamW
LoadBitmapW
GetUserObjectInformationW
MonitorFromPoint
FillRect
LoadCursorW
SystemParametersInfoW
ChildWindowFromPoint
MoveWindow
CheckMenuRadioItem
DrawIconEx
TranslateAcceleratorW
CopyRect
ModifyMenuW
InflateRect
RegisterClipboardFormatW
DrawFrameControl
GetMenuItemID
DdeClientTransaction
AppendMenuW
IsRectEmpty
DdeCreateDataHandle
DrawEdge
GetMessageW
GetUpdateRgn
GetMenuItemInfoW
FlashWindowEx
GetActiveWindow
SetWindowPos
GetWindowTextW
GetDC
EndDeferWindowPos
SetTimer
PostQuitMessage
IsWindowEnabled
DdeQueryStringW
GetKeyState
GetProcessWindowStation
BeginPaint
GetFocus
EnableWindow
AnimateWindow
DdeInitializeW
DdeConnect
SetMenuItemInfoW
DestroyIcon
GetSystemMetrics
GetMessageTime
DdeDisconnect
wsprintfA
DestroyMenu
ShowWindow
GetDialogBaseUnits
DestroyWindow
IsDialogMessageW
keybd_event
SetWindowRgn
BringWindowToTop
GetWindowLongW
ReleaseCapture
OffsetRect
PostMessageW
PostThreadMessageW
UnionRect
SetRect
GetSysColor
IsMenu
ScreenToClient
DeferWindowPos
IsIconic
TrackPopupMenu
CheckMenuItem
DdeNameService
IsWindow
GetWindowPlacement
GetWindowDC
MapWindowPoints
DestroyAcceleratorTable
BeginDeferWindowPos
GetComboBoxInfo
GetMenuItemCount
GetDoubleClickTime
DrawStateW
UnregisterClassW
SetCursorPos
CreateMenu
GetDlgItem
GetClipboardFormatNameW
PeekMessageW
GetScrollInfo
comctl32
ImageList_SetBkColor
ImageList_Add
ImageList_Create
ImageList_GetImageInfo
ImageList_Replace
ImageList_Draw
ImageList_GetIconSize
ord16
ord17
ImageList_Destroy
oleacc
LresultFromObject
uxtheme
GetThemeSysFont
GetThemeMargins
DrawThemeBackground
IsThemePartDefined
GetThemeBackgroundExtent
GetCurrentThemeName
GetThemeSysColor
CloseThemeData
IsThemeActive
GetThemeColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
GetThemeFont
GetThemeInt
GetThemeBackgroundContentRect
OpenThemeData
IsAppThemed
GetThemePartSize
ws2_32
WSACloseEvent
WSACleanup
__WSAFDIsSet
select
accept
WSAEventSelect
listen
getnameinfo
getaddrinfo
recvfrom
sendto
ioctlsocket
gethostname
shutdown
WSAIoctl
WSAResetEvent
WSACreateEvent
freeaddrinfo
WSAEnumNetworkEvents
closesocket
WSAGetLastError
recv
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
send
WSASetLastError
WSAWaitForMultipleEvents
htonl
WSAStartup
wldap32
ord127
ord27
ord26
ord117
ord301
ord142
ord147
ord79
ord133
ord167
ord208
ord46
ord219
ord145
ord41
ord216
ord14
crypt32
CertOpenSystemStoreW
CertGetCertificateContextProperty
CertCloseStore
CertOpenStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertEnumCertificatesInStore
CertFindCertificateInStore
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
shlwapi
SHAutoComplete
msimg32
AlphaBlend
GradientFill
bcrypt
BCryptGenRandom
gdi32
Pie
ExtCreateRegion
PolyBezier
GetViewportExtEx
CloseEnhMetaFile
SetWindowOrgEx
StartPage
GetOutlineTextMetricsW
EndDoc
CreateRectRgn
SetViewportExtEx
CreateBitmapIndirect
DeleteDC
CreateDIBitmap
SetBkColor
Rectangle
SetGraphicsMode
SelectPalette
RealizePalette
CreatePen
GetCharABCWidthsW
SetAbortProc
SetROP2
LPtoDP
ExtTextOutW
GetTextExtentExPointW
GetPixel
GetGraphicsMode
GetRgnBox
ModifyWorldTransform
GetWorldTransform
OffsetRgn
RoundRect
CreateCompatibleDC
MoveToEx
CreateCompatibleBitmap
SelectClipRgn
GetPaletteEntries
ExtSelectClipRgn
PtInRegion
DeleteObject
GetStockObject
GetTextMetricsW
SetDIBColorTable
SetBrushOrgEx
CreateEnhMetaFileW
SetTextColor
GetObjectType
LineTo
Ellipse
EqualRgn
PolyPolygon
GetLayout
CombineRgn
PlayEnhMetaFile
SetMapMode
CreateRectRgnIndirect
SetBkMode
StretchDIBits
CreateDIBSection
GetDeviceCaps
SetWindowExtEx
SetStretchBltMode
GdiFlush
GetDIBits
GetBkColor
GetWindowExtEx
GetNearestPaletteIndex
GetSystemPaletteEntries
RectInRegion
CreateHatchBrush
MaskBlt
SetWorldTransform
DeleteEnhMetaFile
GetRegionData
SetPixel
GetEnhMetaFileHeader
CreateICW
SelectObject
StretchBlt
GetDIBColorTable
EndPage
SetLayout
StartDocW
CreateBitmap
ExtFloodFill
SetViewportOrgEx
GetTextExtentPoint32W
SetPolyFillMode
ExcludeClipRect
ExtCreatePen
Polyline
GetEnhMetaFileW
DPtoLP
CreateDCW
CreatePalette
CreatePatternBrush
EnumFontFamiliesExW
GetObjectW
GetClipBox
CreateSolidBrush
BitBlt
Arc
Polygon
CreateFontIndirectW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
comdlg32
PrintDlgW
PageSetupDlgW
CommDlgExtendedError
ChooseFontW
advapi32
CryptDecrypt
RegOpenKeyExW
CryptReleaseContext
RegDeleteKeyW
RegisterEventSourceW
RegEnumKeyW
CryptAcquireContextW
GetUserNameW
CryptExportKey
RegQueryValueExW
RegDeleteValueW
ReportEventW
CryptSetHashParam
RegSetValueExW
CryptCreateHash
DeregisterEventSource
CryptDestroyKey
RegEnumValueW
RegCreateKeyExW
CryptGetProvParam
CryptDestroyHash
RegCloseKey
CryptGetUserKey
CryptSignHashW
CryptEnumProvidersW
shell32
DragAcceptFiles
DragFinish
ExtractIconW
ExtractIconExW
DragQueryPoint
SHGetFolderPathW
CommandLineToArgvW
DragQueryFileW
ord6
SHGetFileInfoW
ole32
OleFlushClipboard
OleUninitialize
CoTaskMemAlloc
OleInitialize
CoCreateInstance
OleGetClipboard
CoTaskMemFree
ReleaseStgMedium
OleSetClipboard
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
Sections
.text Size: 9.1MB - Virtual size: 9.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 346KB - Virtual size: 415KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 244KB - Virtual size: 243KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ