Static task
static1

Behavioral task
behavioral1
Sample: 57b3cbca0429cdae651c56b1acdf3329.exe
Resource: win7-20231129-en

Behavioral task
behavioral2
Sample: 57b3cbca0429cdae651c56b1acdf3329.exe
Resource: win10v2004-20231215-en

General
Target: 57b3cbca0429cdae651c56b1acdf3329
Size: 212KB
MD5: 57b3cbca0429cdae651c56b1acdf3329
SHA1: 874acdd71b12c978801e1c5c0cd7b7e3e3878498
SHA256: bd2f4b29a67dbe2e6f008c739ed8e73ed82e0b1dab5b2d8ed4659d8704f65067
SHA512: 944b29cc7fb9c1e972c376d23f33cd668cafd6179b36caf9c7f9f697a95a2ecf6fad8ae2d3697e9e2e4912211daaf6255aa02579619c9c08f2670f00eb47c2d6
SSDEEP: 3072:cdt6Fd/Xdc31yI51F5/rj+dotPjLUqTOa3ZPa92cKX3/m5gjXzfbWOOV7el7OJN:owPo1yOZ23u3fbWOB4

Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 57b3cbca0429cdae651c56b1acdf3329

Files
57b3cbca0429cdae651c56b1acdf3329.exe windows:4 windows x86 arch:x86
60ae292b7499b8caf8634c1214e4ed78
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFullPathNameW
RtlUnwind
GetStartupInfoA
TerminateProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
RaiseException
HeapReAlloc
HeapSize
Sleep
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FlushFileBuffers
ExitProcess
SetHandleCount
GetCommandLineA
ReadFile
GetModuleHandleA
WritePrivateProfileStringW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetDriveTypeA
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
FindNextFileW
lstrcpyW
FindFirstFileW
GetLastError
SetLastError
FindClose
GetCommandLineW
SetFilePointer
WriteFile
GetCurrentProcess
FreeLibrary
GetProcessVersion
LoadLibraryA
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetStdHandle
GetCurrentDirectoryW
GetProcAddress
ExpandEnvironmentStringsW
GetModuleHandleW
GetFileType
GetWindowsDirectoryW
GlobalFlags
lstrcmpiW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynW
lstrcatW
SetErrorMode
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentVariableA
GetVersionExA
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExW
InterlockedExchange
user32
GetCapture
GetTopWindow
WinHelpW
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconW
ShowWindow
LoadCursorW
GetSysColorBrush
DestroyMenu
GetMenuItemID
GetDlgItem
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
GetSubMenu
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
LoadBitmapW
GetMenuState
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetMenu
wsprintfW
LoadStringW
RemovePropW
GetMessageTime
SetWindowPos
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
MessageBoxW
EnableWindow
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
GetMenuCheckMarkDimensions
gdi32
DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
RectVisible
TextOutW
PtVisible
Escape
ExtTextOutW
GetObjectW
DeleteDC
CreateBitmap
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegisterEventSourceW
DeregisterEventSource
ReportEventW
RegCreateKeyExW
comctl32
ord17
Sections
.text Size: 100KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.krdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE