Static task: static1
Behavioral task: behavioral1
Sample: 066f21c62a6ca63ac6254b7986790d58.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 066f21c62a6ca63ac6254b7986790d58.exe
Resource: win10v2004-20231215-en
General
Target: 066f21c62a6ca63ac6254b7986790d58
Size: 433KB
MD5: 066f21c62a6ca63ac6254b7986790d58
SHA1: cbd6a0e9a996bb2c2d9363845b6d0401929f618e
SHA256: b84dcab20231708e320bd7fae3aec40790fe911f50fa1abef4b1c12cca18deb4
SHA512: 694b37d8802b646b535bff4c95aa41b7e879dc1af080efa32c602b2c9327909732528a76fa09d56eeb3d6d5d4ddb3a785153cd7710480c05b7665a4902648f07
SSDEEP: 12288:9AhGc0MMZsnpJSltluEpn+JCTp3v/zDuRMTKE1dVl:9AhGcN6snstQMTp3v/zFKE1dVl
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 066f21c62a6ca63ac6254b7986790d58
Files
066f21c62a6ca63ac6254b7986790d58.exe windows:4 windows x86 arch:x86
9ced4f0bcb8d1921457b7f84b810341e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetSetCookieW
FindFirstUrlCacheContainerW
FindNextUrlCacheContainerW
GetUrlCacheGroupAttributeW
InternetGetConnectedState
SetUrlCacheEntryGroup
InternetInitializeAutoProxyDll
InternetGetConnectedStateEx
InternetGoOnline
InternetSetOptionW
InternetCombineUrlW
InternetCanonicalizeUrlW
InternetFindNextFileA
SetUrlCacheHeaderData
InternetSecurityProtocolToStringW
FindFirstUrlCacheEntryW
InternetCheckConnectionA
InternetAutodial
InternetSetOptionExA
FindFirstUrlCacheEntryA
HttpEndRequestA
InternetConfirmZoneCrossingA
InternetSetFilePointer
InternetSetCookieA
GetUrlCacheEntryInfoW
InternetErrorDlg
ShowX509EncodedCertificate
FreeUrlCacheSpaceW
InternetConfirmZoneCrossing
InternetGoOnlineW
RetrieveUrlCacheEntryFileA
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
InternetConnectW
ShowSecurityInfo
GopherFindFirstFileW
InternetGetConnectedStateExA
RetrieveUrlCacheEntryStreamW
FtpGetFileW
UnlockUrlCacheEntryFileW
RunOnceUrlCache
InternetTimeToSystemTime
FindCloseUrlCache
InternetHangUp
InternetSetOptionA
IsUrlCacheEntryExpiredA
InternetConnectA
FtpRemoveDirectoryA
InternetOpenUrlA
RetrieveUrlCacheEntryFileW
InternetDialW
GopherGetLocatorTypeA
InternetAutodialHangup
FtpDeleteFileA
FtpRemoveDirectoryW
FindFirstUrlCacheEntryExW
HttpSendRequestW
InternetWriteFileExA
InternetCheckConnectionW
GetUrlCacheConfigInfoA
InternetShowSecurityInfoByURL
GopherGetAttributeA
InternetDial
InternetShowSecurityInfoByURLW
GopherGetLocatorTypeW
RegisterUrlCacheNotification
InternetTimeFromSystemTimeA
DeleteUrlCacheEntryW
GetUrlCacheEntryInfoExW
FtpCommandW
InternetReadFile
FindNextUrlCacheEntryExW
UnlockUrlCacheEntryFileA
SetUrlCacheGroupAttributeA
GetUrlCacheEntryInfoExA
InternetGetCertByURLA
CreateUrlCacheEntryW
FindNextUrlCacheContainerA
InternetCrackUrlA
GopherCreateLocatorA
InternetTimeToSystemTimeW
GopherCreateLocatorW
CreateUrlCacheEntryA
CommitUrlCacheEntryA
InternetCrackUrlW
InternetSetDialState
InternetReadFileExA
FtpRenameFileA
InternetSecurityProtocolToStringA
FtpFindFirstFileW
HttpAddRequestHeadersA
DeleteIE3Cache
FtpCommandA
HttpAddRequestHeadersW
InternetOpenA
GopherOpenFileA
FindNextUrlCacheEntryW
InternetGetConnectedStateExW
FindNextUrlCacheEntryA
InternetCloseHandle
FtpRenameFileW
FindFirstUrlCacheEntryExA
FtpOpenFileW
GetUrlCacheGroupAttributeA
InternetTimeFromSystemTimeW
CreateUrlCacheGroup
InternetQueryOptionW
DeleteUrlCacheContainerA
GetUrlCacheConfigInfoW
InternetGetLastResponseInfoA
InternetCreateUrlA
FindFirstUrlCacheGroup
FtpOpenFileA
InternetOpenW
InternetUnlockRequestFile
DeleteUrlCacheContainerW
InternetWriteFileExW
InternetShowSecurityInfoByURLA
LoadUrlCacheContent
UnlockUrlCacheEntryFile
HttpQueryInfoW
InternetOpenUrlW
FindFirstUrlCacheContainerA
InternetQueryDataAvailable
InternetSetDialStateW
FtpPutFileEx
DeleteUrlCacheEntry
ResumeSuspendedDownload
SetUrlCacheConfigInfoW
InternetQueryOptionA
InternetCanonicalizeUrlA
GopherOpenFileW
InternetGoOnlineA
InternetGetCertByURL
HttpEndRequestW
ShowCertificate
FtpGetFileEx
UnlockUrlCacheEntryStream
GopherFindFirstFileA
InternetGetLastResponseInfoW
IsHostInProxyBypassList
InternetConfirmZoneCrossingW
HttpSendRequestA
ReadUrlCacheEntryStream
SetUrlCacheGroupAttributeW
DeleteUrlCacheGroup
FtpPutFileW
FtpFindFirstFileA
FindNextUrlCacheEntryExA
InternetCombineUrlA
InternetTimeToSystemTimeA
DetectAutoProxyUrl
InternetAlgIdToStringA
CommitUrlCacheEntryW
IsUrlCacheEntryExpiredW
UpdateUrlCacheContentPath
InternetAlgIdToStringW
InternetQueryFortezzaStatus
InternetFortezzaCommand
SetUrlCacheEntryGroupA
InternetSetDialStateA
InternetSetOptionExW
HttpQueryInfoA
GopherGetAttributeW
CreateUrlCacheContainerA
CreateUrlCacheContainerW
FtpSetCurrentDirectoryA
gdi32
GetEnhMetaFileDescriptionW
PolyTextOutW
CreateCompatibleDC
ResetDCW
SetWindowOrgEx
FillPath
CombineRgn
AddFontResourceW
GetCurrentObject
SetTextColor
FillRgn
GetCharWidthFloatW
GetColorSpace
GetKerningPairsW
Escape
GetPaletteEntries
EnumICMProfilesW
SetGraphicsMode
PtInRegion
GetTextExtentPoint32W
GetTextExtentExPointA
Chord
CreateDIBPatternBrushPt
PlgBlt
StrokeAndFillPath
UpdateICMRegKeyA
ChoosePixelFormat
GetCurrentPositionEx
CreateDIBPatternBrush
AbortDoc
GetAspectRatioFilterEx
SetMetaRgn
RoundRect
GetGlyphOutlineA
EnumMetaFile
gdiPlaySpoolStream
GetTextColor
WidenPath
ResetDCA
CloseMetaFile
CreateBrushIndirect
GetEnhMetaFileA
CloseEnhMetaFile
GetSystemPaletteUse
GetClipBox
CreateHatchBrush
CreatePolyPolygonRgn
OffsetClipRgn
GetCharWidth32W
CreateFontA
TranslateCharsetInfo
CopyMetaFileA
GetBitmapBits
PathToRegion
SetColorSpace
EnumFontFamiliesExA
ExtCreateRegion
GetCharABCWidthsFloatW
SetPolyFillMode
CreateFontW
SetWindowExtEx
SetBitmapBits
GetStockObject
InvertRgn
GetArcDirection
GetTextCharacterExtra
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
UnmapViewOfFile
GlobalFree
WriteProfileSectionA
SetEndOfFile
GetTempFileNameW
WritePrivateProfileStringW
FlushInstructionCache
CopyFileExA
FillConsoleOutputAttribute
FindFirstFileW
Process32Next
lstrcmpA
Heap32First
RemoveDirectoryW
GetFileAttributesA
CreateWaitableTimerA
SetComputerNameW
GetExitCodeProcess
ReadFileScatter
GetDiskFreeSpaceA
GetLocalTime
GetNamedPipeInfo
LocalAlloc
CreateToolhelp32Snapshot
FillConsoleOutputCharacterW
AllocConsole
SetEnvironmentVariableW
GlobalDeleteAtom
HeapValidate
GetProfileSectionW
OpenWaitableTimerA
FileTimeToDosDateTime
GetConsoleCP
CreateMailslotA
SetSystemTimeAdjustment
SignalObjectAndWait
SearchPathA
DuplicateHandle
GetEnvironmentStringsA
FreeConsole
VirtualProtectEx
FindAtomW
lstrcmp
CreateFileW
CreateDirectoryExA
IsValidCodePage
SetConsoleCtrlHandler
ReadConsoleInputW
GetStartupInfoW
GetProcessHeap
TransactNamedPipe
ReadFile
GetFullPathNameW
InterlockedDecrement
GlobalReAlloc
DeleteCriticalSection
LockFileEx
CreateRemoteThread
lstrlenW
ReadConsoleW
GetDriveTypeA
HeapSize
ConnectNamedPipe
Thread32Next
WaitCommEvent
GetQueuedCompletionStatus
GetTimeZoneInformation
WriteFileEx
ReleaseMutex
WriteProfileSectionW
LoadLibraryW
SetPriorityClass
PulseEvent
GetPrivateProfileStructA
RemoveDirectoryA
GlobalWire
WriteConsoleOutputCharacterW
BeginUpdateResourceA
GetProfileStringW
HeapCreate
EnumDateFormatsW
OutputDebugStringW
GetConsoleMode
GetExitCodeThread
GetTempPathW
SetHandleCount
GetLogicalDriveStringsA
ReadDirectoryChangesW
SetConsoleMode
SetConsoleOutputCP
MultiByteToWideChar
GetFileTime
WaitForMultipleObjects
GetProcessTimes
lstrcat
OpenMutexA
TlsSetValue
SetCurrentDirectoryA
DebugActiveProcess
EnumDateFormatsExW
LockFile
GetFileAttributesExA
SetLastError
CreateFileMappingA
GetProcessVersion
WaitNamedPipeA
GetSystemTime
lstrcpynW
FindNextChangeNotification
GetShortPathNameW
UnlockFileEx
GetLocaleInfoA
SetFileAttributesA
HeapDestroy
GetConsoleOutputCP
CreatePipe
WriteConsoleOutputAttribute
VirtualQueryEx
DefineDosDeviceA
DeleteFileW
OpenMutexW
GlobalUnlock
EnumSystemCodePagesA
UnhandledExceptionFilter
TlsFree
GetAtomNameA
GetCompressedFileSizeW
ExitThread
GetThreadContext
WaitNamedPipeW
GetCurrencyFormatA
GetProcAddress
GetUserDefaultLCID
MoveFileExW
GetSystemPowerStatus
FindFirstFileA
SetThreadPriorityBoost
FindResourceExW
WriteConsoleOutputW
CreateMutexA
GetDateFormatW
DefineDosDeviceW
CompareFileTime
GetDriveTypeW
WaitForSingleObjectEx
WriteConsoleA
GetPrivateProfileStringA
LocalHandle
WritePrivateProfileStructA
SetThreadAffinityMask
GetNumberFormatW
GetLogicalDrives
EscapeCommFunction
OpenEventA
FindFirstChangeNotificationA
GetStartupInfoA
GlobalLock
GetSystemDefaultLCID
GetWindowsDirectoryA
WriteProfileStringA
DeleteFileA
ResumeThread
GetFileType
FoldStringW
GlobalSize
CreateMailslotW
SetThreadLocale
SetEvent
PeekConsoleInputW
GlobalUnfix
Heap32ListNext
GetStringTypeW
ReleaseSemaphore
ReadProcessMemory
FormatMessageA
SetConsoleTitleW
ReadConsoleOutputCharacterW
CreateWaitableTimerW
GetEnvironmentVariableA
GetModuleFileNameW
GetProfileIntA
SetEnvironmentVariableA
lstrcpynA
GetCompressedFileSizeA
FileTimeToLocalFileTime
GetCommandLineA
SetFileAttributesW
GlobalUnWire
LocalFlags
SearchPathW
LocalUnlock
WriteFileGather
CreateFileMappingW
GetPrivateProfileSectionNamesW
GetLastError
TryEnterCriticalSection
Thread32First
SetWaitableTimer
OpenFile
SetThreadExecutionState
lstrlen
WriteProcessMemory
GetLogicalDriveStringsW
GetConsoleTitleW
FindClose
GetVolumeInformationA
LoadLibraryExW
GetSystemDefaultLangID
EnumCalendarInfoExW
lstrlenA
SetVolumeLabelA
GetPrivateProfileStringW
HeapCompact
GetPrivateProfileStructW
WritePrivateProfileStringA
CreateNamedPipeW
GetProfileSectionA
lstrcatW
SuspendThread
ReadConsoleA
OpenEventW
GetThreadPriority
GetVersion
GetTimeFormatA
lstrcatA
LeaveCriticalSection
GetPrivateProfileSectionA
UpdateResourceA
ReadConsoleInputA
MoveFileA
TlsGetValue
GetCurrentThread
lstrcpy
GetSystemTimeAdjustment
GetUserDefaultLangID
MoveFileExA
GetVersionExA
lstrcpyW
CreateSemaphoreA
GlobalAddAtomW
GetLongPathNameA
LocalReAlloc
EnumCalendarInfoW
SetFileTime
GetCurrentDirectoryW
DeleteAtom
GetThreadLocale
UpdateResourceW
SetThreadPriority
GetLongPathNameW
GetDiskFreeSpaceExA
VirtualProtect
GetPrivateProfileSectionW
WriteConsoleInputA
Toolhelp32ReadProcessMemory
IsValidLocale
FreeEnvironmentStringsW
FindResourceW
DisconnectNamedPipe
SetLocaleInfoW
CreateDirectoryExW
VirtualLock
GlobalFix
FillConsoleOutputCharacterA
GetAtomNameW
InitializeCriticalSectionAndSpinCount
GetFileAttributesExW
GetStringTypeExA
SetConsoleTextAttribute
MapViewOfFile
FindNextFileW
DeviceIoControl
InitializeCriticalSection
GetConsoleCursorInfo
FoldStringA
GetACP
EnumResourceNamesW
OpenProcess
EnumSystemCodePagesW
ReadConsoleOutputW
CommConfigDialogA
SetThreadIdealProcessor
GlobalCompact
GetNumberOfConsoleInputEvents
GetPrivateProfileIntA
CreateConsoleScreenBuffer
LoadResource
GetThreadPriorityBoost
Heap32ListFirst
SystemTimeToTzSpecificLocalTime
EnumResourceTypesA
GetFullPathNameA
CreateProcessA
LocalFileTimeToFileTime
ExpandEnvironmentStringsA
ReadConsoleOutputCharacterA
EnumTimeFormatsA
LoadLibraryExA
GetCommandLineW
CloseHandle
WriteConsoleOutputA
GetFileSize
ReadFileEx
SetCriticalSectionSpinCount
SetVolumeLabelW
SetComputerNameA
FindCloseChangeNotification
PeekNamedPipe
OpenSemaphoreW
WideCharToMultiByte
CreateTapePartition
SetFilePointer
GetWindowsDirectoryW
lstrcmpi
GetDiskFreeSpaceW
LocalFree
TlsAlloc
WriteConsoleInputW
EnumResourceNamesA
WinExec
CreateNamedPipeA
GetComputerNameW
InterlockedIncrement
SleepEx
GlobalFindAtomA
SetConsoleActiveScreenBuffer
CreateDirectoryW
GetPriorityClass
FindResourceExA
HeapLock
GetThreadTimes
GetConsoleScreenBufferInfo
OutputDebugStringA
GetTempFileNameA
AddAtomW
DeleteFiber
GetVersionExW
WritePrivateProfileSectionW
CommConfigDialogW
SetConsoleWindowInfo
FreeResource
GetStringTypeExW
GetDateFormatA
WriteConsoleOutputCharacterA
FlushViewOfFile
GlobalHandle
GetProcessHeaps
TerminateThread
OpenFileMappingA
GetStdHandle
SetCurrentDirectoryW
SetThreadContext
FreeEnvironmentStringsA
DosDateTimeToFileTime
ConvertDefaultLocale
WriteProfileStringW
SetLocaleInfoA
FindResourceA
lstrcpyA
LoadModule
GetNamedPipeHandleStateA
Sleep
GlobalAlloc
SystemTimeToFileTime
SetConsoleScreenBufferSize
GetShortPathNameA
GetFileAttributesW
SetConsoleCP
GetProfileIntW
GetConsoleTitleA
GlobalFlags
wsock32
sendto
ord1118
ord1109
ord1111
getsockopt
ord1102
ord1119
ord1120
Sections
.text Size: 281KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE