Static task
static1
Behavioral task
behavioral1
Sample
549a156c0037fbfe31bf4ad9287340fe.exe
Resource
win7-20231215-en
windows7-x64
Behavioral task
behavioral2
Sample
549a156c0037fbfe31bf4ad9287340fe.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
General
-
Target
549a156c0037fbfe31bf4ad9287340fe
-
Size
5.8MB
-
MD5
549a156c0037fbfe31bf4ad9287340fe
-
SHA1
2808b9a188c55c14e8ab69b74b669d8e597c97cd
-
SHA256
54a2fc5d8f1f63c538a06609ad60dcc912ed39eda44963a10078b016cad69a9a
-
SHA512
6b691ff7fb0f142a1d605514c8fa97c8242ce237383791fea805492c72d58a1f9650eb5efe3455e4e8d59895a71fd808067f1a6185160fe99a2f04a52eed0736
-
SSDEEP
98304:qSP+BLw5i2rkHCYx1DtUC6Inj7GXFQ1RXAL:qSP+ou91DtUZInmXFmwL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 549a156c0037fbfe31bf4ad9287340fe
Files
-
549a156c0037fbfe31bf4ad9287340fe.exe windows:6 windows x64 arch:x64
d8eac65a3d7adbc2303e5e334dd02e0d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
EncodePointer
GetSystemDirectoryW
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MulDiv
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
GlobalFree
LocalReAlloc
LocalFree
GlobalSize
FormatMessageA
GetCurrentDirectoryA
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileA
FindClose
FindFirstFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
LoadLibraryExA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
GetACP
GetAtomNameA
VirtualProtect
GetOEMCP
GetCPInfo
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToTzSpecificLocalTime
GetWindowsDirectoryA
FindResourceExW
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetProfileIntA
SearchPathA
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
LocalLock
LocalUnlock
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
ActivateActCtx
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlPcToFileHeader
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
VirtualAlloc
VirtualQuery
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
WriteConsoleW
CreateFileW
GlobalUnlock
GetModuleHandleExW
GetModuleFileNameW
FreeResource
SetLastError
OutputDebugStringA
GlobalAddAtomA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExA
SuspendThread
CreateEventA
WaitForSingleObject
SetEvent
CreateActCtxW
FindResourceA
RtlLookupFunctionEntry
LoadLibraryW
GetExitCodeProcess
GetTickCount
CreateProcessA
ExitProcess
GetStartupInfoA
GetProcAddress
GetLocalTime
SetFileAttributesA
GetSystemInfo
CloseHandle
lstrcpyA
LoadLibraryA
GetSystemDirectoryA
GetCurrentThread
CreateFileA
CopyFileA
Sleep
lstrcatA
ResumeThread
GetCurrentThreadId
CreateMutexA
GetEnvironmentVariableA
lstrlenA
GetTempPathW
CreatePipe
SetThreadPriority
WriteFile
GetCurrentProcess
GetCommandLineW
SetPriorityClass
GetModuleFileNameA
ReadFile
GetShortPathNameA
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LocalAlloc
HeapFree
user32
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
DestroyMenu
GetMenuItemInfoA
InflateRect
GetAsyncKeyState
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetMenuDefaultItem
TrackMouseEvent
LoadImageW
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
UnionRect
GetSystemMenu
SetParent
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrA
SetWindowRgn
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
SetCursorPos
CopyIcon
FrameRect
GetDCEx
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
DestroyCursor
GetTabbedTextExtentA
GetTabbedTextExtentW
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
DestroyIcon
SetRect
LoadIconW
LoadIconA
UnhookWindowsHookEx
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
UnregisterClassA
EnableWindow
IsIconic
GetClientRect
SendMessageA
SetWindowLongA
GetInputState
PostThreadMessageA
wsprintfA
DrawIcon
GetSystemMetrics
GetMessageA
GetSysColorBrush
LoadCursorW
LoadCursorA
InvalidateRgn
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
OffsetRect
SetRectEmpty
SetScrollInfo
CharUpperA
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoA
GetScrollInfo
CopyImage
ScrollWindowEx
advapi32
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
RegSetValueA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
SetFileSecurityA
GetFileSecurityA
CreateServiceA
RegCloseKey
StartServiceCtrlDispatcherA
RegOpenKeyA
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerA
OpenSCManagerA
StartServiceA
RegSetValueExA
RegQueryValueExA
OpenServiceA
shell32
SHGetPathFromIDListA
DragQueryFileA
SHGetFileInfoA
ExtractIconA
SHAddToRecentDocs
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
SHAppBarMessage
ShellExecuteExA
ord165
ShellExecuteA
DragFinish
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
oledlg
ord8
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageI
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipDeleteGraphics
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
gdi32
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
EnumFontFamiliesExA
CreateFontA
GetCharWidthA
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
SetBkColor
SetTextColor
GetObjectA
BitBlt
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
CreateDCA
CopyMetaFileA
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
ExtTextOutA
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
TextOutA
MoveToEx
ExtCreatePen
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocA
SetColorAdjustment
ModifyWorldTransform
SetWorldTransform
CreateBitmap
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
SetAbortProc
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
AbortDoc
EndPage
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EnumMetaFile
winspool.drv
ClosePrinter
GetJobA
OpenPrinterA
DocumentPropertiesA
ole32
RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
RegisterDragDrop
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoLockObjectExternal
OleGetClipboard
DoDragDrop
WriteClassStm
CoUninitialize
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CoInitializeEx
StringFromGUID2
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
oleaut32
VariantChangeType
SysStringByteLen
VariantClear
OleCreateFontIndirect
SysAllocString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringByteLen
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
VariantInit
SysFreeString
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocStringLen
Sections
.text Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 167KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ