Static task: static1
Behavioral task: behavioral1
Sample: 033aac9550fcf28d5a3cf1d2cd4d0a61.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 033aac9550fcf28d5a3cf1d2cd4d0a61.exe
Resource: win10v2004-20231215-en
General
Target: 033aac9550fcf28d5a3cf1d2cd4d0a61
Size: 402KB
MD5: 033aac9550fcf28d5a3cf1d2cd4d0a61
SHA1: 9e45f34c17093e662fd1d280201e9e88afb939a5
SHA256: 784f895164d1cfc9cf5426547b74579bb3ff51fb9d47b98a3317f5ac3c870fc5
SHA512: 82b3d1de59545264443b1da5d8bd9831aac545d07213d31f01e557a0708da994fc8478dcf394f6bc548c0d55cdc6c05421871ce4602c4998bdbd867e47f50a4d
SSDEEP: 12288:YkjJqYMQ+ropvJmZZC5Q92g+W3mFcjynjp:YaUYMQ0/Cq92UVG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 033aac9550fcf28d5a3cf1d2cd4d0a61
Files
033aac9550fcf28d5a3cf1d2cd4d0a61.exe windows:4 windows x86 arch:x86
f60159ccab73a88d8ffd40b56e9d6da0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetComputerNameW
CreateConsoleScreenBuffer
SetConsoleOutputCP
GetConsoleTitleW
GetDiskFreeSpaceExA
GetConsoleMode
GetVersionExA
HeapUnlock
DeleteFileA
WaitCommEvent
GetPrivateProfileIntW
GlobalFlags
LocalUnlock
FindResourceExW
SetThreadExecutionState
WritePrivateProfileStructW
GetThreadPriority
GetConsoleCP
HeapDestroy
EnumSystemLocalesW
HeapCreate
IsValidLocale
SetConsoleTitleW
CreateProcessA
HeapValidate
GetSystemDirectoryA
RemoveDirectoryA
CreateMailslotA
GetTimeFormatA
GlobalCompact
GetSystemTimeAdjustment
TransmitCommChar
GetVolumeInformationA
FindFirstFileW
DeleteFiber
MapViewOfFileEx
GetThreadPriorityBoost
Module32First
OpenFile
DefineDosDeviceW
TlsAlloc
DeviceIoControl
SignalObjectAndWait
MulDiv
GetLocalTime
LocalLock
GetStringTypeW
LocalCompact
WriteConsoleInputW
Toolhelp32ReadProcessMemory
SetCriticalSectionSpinCount
OpenEventA
CreateMutexW
SetComputerNameA
EnumSystemCodePagesA
OpenFileMappingA
FormatMessageA
lstrcpyW
LockFile
lstrcatA
GetProcessHeaps
SetSystemTimeAdjustment
LocalAlloc
EnumTimeFormatsA
GetTimeFormatW
SuspendThread
CreateTapePartition
GetEnvironmentStringsA
GetCurrentDirectoryA
GlobalGetAtomNameW
CreatePipe
GlobalAddAtomW
SetLocaleInfoA
GetTempPathA
UnlockFileEx
GetLogicalDriveStringsW
GetFileAttributesExA
GetProfileStringA
FillConsoleOutputCharacterW
GetThreadContext
lstrcmpiW
UnhandledExceptionFilter
LockResource
CreateFileMappingW
SetConsoleCursorPosition
EnumSystemLocalesA
OpenFileMappingW
DuplicateHandle
CreateMailslotW
SetThreadPriority
GetLongPathNameW
GetLastError
GetEnvironmentVariableA
OpenWaitableTimerA
Thread32First
GetLocaleInfoW
GetNumberFormatW
SetFilePointer
SetConsoleActiveScreenBuffer
EnumResourceNamesW
FreeEnvironmentStringsW
GetProcAddress
GetLocaleInfoA
OpenSemaphoreW
lstrcat
CreateDirectoryW
GetStringTypeA
ReadDirectoryChangesW
GetProcessShutdownParameters
GetWriteWatch
HeapSize
CompareStringA
GlobalFix
SetCurrentDirectoryA
CreateFileA
SetVolumeLabelW
LoadLibraryW
GetProfileSectionA
LoadResource
GetStringTypeExW
GetThreadLocale
lstrcmpW
lstrcmpA
ReadConsoleOutputCharacterA
lstrcatW
SetPriorityClass
GetStringTypeExA
SetFileTime
GetConsoleScreenBufferInfo
GlobalAddAtomA
CreateNamedPipeW
ExpandEnvironmentStringsA
ReadConsoleOutputAttribute
GetPrivateProfileSectionW
Sleep
WideCharToMultiByte
CreateEventW
DisconnectNamedPipe
GetLongPathNameA
GetDiskFreeSpaceExW
GetProcessHeap
ResetEvent
CreateFileW
GetCompressedFileSizeA
GetPrivateProfileStringW
SetLocaleInfoW
MoveFileW
GlobalHandle
OpenWaitableTimerW
FindFirstFileA
GetNamedPipeInfo
lstrlenW
GetAtomNameW
PeekConsoleInputA
lstrlenA
GetCompressedFileSizeW
SetComputerNameW
GetModuleHandleW
GetDateFormatW
FindResourceW
CreateRemoteThread
LoadModule
GetEnvironmentStringsW
VirtualProtectEx
GetPrivateProfileStringA
FlushInstructionCache
GetComputerNameA
Module32Next
SetLocalTime
IsValidCodePage
SetSystemTime
TryEnterCriticalSection
GlobalUnfix
FindResourceA
SystemTimeToFileTime
MoveFileExA
GetThreadTimes
ReadFileEx
Heap32Next
FlushFileBuffers
GetProfileStringW
WriteConsoleOutputW
GetProcessTimes
VirtualAllocEx
GetFileAttributesA
WaitForMultipleObjects
GetStartupInfoW
CreateWaitableTimerW
lstrcpyA
OutputDebugStringA
SleepEx
GetThreadSelectorEntry
SetHandleCount
CreateEventA
CreateDirectoryExA
SetTimeZoneInformation
FileTimeToDosDateTime
CreateSemaphoreW
ReadConsoleA
GetPrivateProfileSectionNamesW
GetSystemPowerStatus
GlobalDeleteAtom
GetMailslotInfo
TlsSetValue
GetSystemInfo
GetDateFormatA
CreateFileMappingA
FoldStringW
FindNextFileA
ExitThread
ReadConsoleInputA
SetConsoleWindowInfo
GlobalSize
WriteFile
DosDateTimeToFileTime
GlobalFindAtomW
TlsGetValue
MultiByteToWideChar
GetPrivateProfileStructA
GetNumberFormatA
WriteConsoleA
CopyFileA
FreeEnvironmentStringsA
SetConsoleCursorInfo
OutputDebugStringW
EnumTimeFormatsW
LocalSize
GetFileAttributesExW
GetWindowsDirectoryW
TerminateThread
DisableThreadLibraryCalls
GetStartupInfoA
LocalShrink
GlobalLock
FreeConsole
GetProcessPriorityBoost
FoldStringA
EnumDateFormatsW
ReadConsoleOutputA
SetConsoleTitleA
WaitNamedPipeW
SetFileAttributesW
InitializeCriticalSection
GlobalUnlock
RtlZeroMemory
GetProcessVersion
PulseEvent
WaitNamedPipeA
CloseHandle
lstrlen
SystemTimeToTzSpecificLocalTime
SetWaitableTimer
HeapLock
GetPrivateProfileStructW
OpenSemaphoreA
GetFileTime
SetConsoleMode
WriteProfileSectionA
WaitForSingleObjectEx
ReadConsoleOutputCharacterW
EnumDateFormatsA
UpdateResourceW
WriteProcessMemory
FreeLibraryAndExitThread
FillConsoleOutputCharacterA
VirtualFree
ReadConsoleOutputW
WriteProfileSectionW
WritePrivateProfileStringA
FileTimeToSystemTime
GlobalReAlloc
GetDiskFreeSpaceA
ReleaseMutex
SetEvent
WriteProfileStringA
BeginUpdateResourceA
VirtualUnlock
CommConfigDialogA
CreateNamedPipeA
SetEndOfFile
ReadFile
FindCloseChangeNotification
GlobalFree
lstrcmpiA
GetFileAttributesW
GetExitCodeProcess
MapViewOfFile
UnlockFile
WriteFileGather
lstrcpynW
FindAtomA
LocalFlags
GetTempFileNameW
GetNumberOfConsoleMouseButtons
SetLastError
GetLargestConsoleWindowSize
HeapWalk
FlushConsoleInputBuffer
ExpandEnvironmentStringsW
lstrcmpi
WritePrivateProfileSectionA
ReleaseSemaphore
InterlockedIncrement
GetExitCodeThread
TransactNamedPipe
FindFirstFileExA
GetUserDefaultLCID
CreateThread
ConnectNamedPipe
GetFileInformationByHandle
CopyFileExA
EnumCalendarInfoExA
LocalReAlloc
SetEnvironmentVariableW
GetACP
LoadLibraryExA
VirtualFreeEx
HeapCompact
GetPrivateProfileSectionNamesA
WaitForSingleObject
GetDriveTypeA
FreeLibrary
InterlockedCompareExchange
SetThreadLocale
GetEnvironmentVariableW
WriteConsoleW
GetVersion
BeginUpdateResourceW
CreateProcessW
FormatMessageW
PeekNamedPipe
LocalFree
WritePrivateProfileStructA
GlobalWire
OpenMutexW
SetThreadContext
UnmapViewOfFile
AllocConsole
GetProfileSectionW
VirtualLock
GetShortPathNameW
CreateDirectoryExW
Thread32Next
SearchPathA
WriteConsoleOutputAttribute
GlobalUnWire
ResetWriteWatch
SetCurrentDirectoryW
GetNumberOfConsoleInputEvents
GetSystemDirectoryW
WritePrivateProfileSectionW
AddAtomA
WritePrivateProfileStringW
GetFullPathNameW
lstrcpy
MoveFileA
Heap32ListNext
GetProfileIntA
LocalHandle
WinExec
GetVolumeInformationW
EnumCalendarInfoExW
GetSystemDefaultLangID
GetConsoleOutputCP
UpdateResourceA
EnumResourceTypesW
WaitForMultipleObjectsEx
FindFirstChangeNotificationA
GetNamedPipeHandleStateW
FindNextFileW
PeekConsoleInputW
ReadProcessMemory
OpenProcess
Heap32ListFirst
GetDiskFreeSpaceW
lstrcpynA
IsDebuggerPresent
GetCommandLineA
Process32Next
FindClose
CreateSemaphoreA
RemoveDirectoryW
ReadFileScatter
GetPrivateProfileSectionA
VirtualProtect
EraseTape
GetEnvironmentStrings
GetFullPathNameA
InterlockedExchangeAdd
CreateWaitableTimerA
DeleteCriticalSection
LockFileEx
EnterCriticalSection
FreeResource
GetConsoleTitleA
GetStdHandle
CreateDirectoryA
GetProcessAffinityMask
EnumResourceLanguagesA
CommConfigDialogW
GetHandleInformation
SetConsoleScreenBufferSize
SetThreadPriorityBoost
OpenMutexA
SetFileAttributesA
GetUserDefaultLangID
EscapeCommFunction
GetLogicalDriveStringsA
EnumResourceTypesA
SetEnvironmentVariableA
AddAtomW
WriteConsoleOutputCharacterA
GetShortPathNameA
GetCurrencyFormatA
GetProfileIntW
GetPrivateProfileIntA
GetLogicalDrives
GetVersionExW
SetConsoleCtrlHandler
SetConsoleTextAttribute
ContinueDebugEvent
GetCalendarInfoW
EnumCalendarInfoW
FindFirstChangeNotificationW
LeaveCriticalSection
WriteProfileStringW
RtlMoveMemory
DebugActiveProcess
InitializeCriticalSectionAndSpinCount
TlsFree
EnumSystemCodePagesW
GetConsoleCursorInfo
GlobalMemoryStatus
FileTimeToLocalFileTime
GetNamedPipeHandleStateA
GetFileType
GetCurrentThread
InterlockedDecrement
SetThreadAffinityMask
ReadConsoleInputW
WaitForDebugEvent
ResumeThread
GetAtomNameA
EnumDateFormatsExA
GetSystemTime
FindFirstFileExW
SetVolumeLabelA
GetCommandLineW
GetTempFileNameA
FindNextChangeNotification
VirtualQueryEx
InitAtomTable
WriteConsoleOutputCharacterW
ConvertDefaultLocale
GlobalGetAtomNameA
DebugBreak
DeleteAtom
advapi32
CryptSetProvParam
ReportEventA
CryptDeriveKey
RegReplaceKeyA
CryptSetHashParam
CreateServiceA
CryptGetDefaultProviderW
CryptCreateHash
RegSetValueExA
CryptGetKeyParam
CreateServiceW
CryptGetHashParam
CryptEnumProviderTypesA
RegQueryValueW
LookupAccountSidW
RegFlushKey
RegDeleteValueW
RegDeleteKeyW
DuplicateToken
CryptGenRandom
RegQueryMultipleValuesW
CryptDuplicateHash
RegCreateKeyA
RegConnectRegistryA
CryptVerifySignatureW
RegReplaceKeyW
CryptSignHashA
CryptGenKey
LookupPrivilegeValueA
RegQueryValueExA
CryptDuplicateKey
CryptVerifySignatureA
RegRestoreKeyW
RegQueryInfoKeyA
CryptHashSessionKey
RegSetValueExW
RegSetValueA
CryptReleaseContext
RegLoadKeyW
RegCloseKey
CryptImportKey
CryptHashData
CryptGetDefaultProviderA
CryptExportKey
RegConnectRegistryW
RegEnumKeyW
AbortSystemShutdownW
RegSetValueW
DuplicateTokenEx
CryptDestroyHash
RevertToSelf
AbortSystemShutdownA
RegQueryValueA
LogonUserA
LookupAccountNameA
RegQueryInfoKeyW
RegDeleteKeyA
GetUserNameW
CryptSetProviderW
InitializeSecurityDescriptor
InitiateSystemShutdownW
CryptContextAddRef
LogonUserW
CryptEnumProvidersW
RegLoadKeyA
LookupAccountNameW
RegSaveKeyW
RegSetKeySecurity
CryptSetProviderExW
CryptSetProviderA
CryptSetKeyParam
LookupPrivilegeNameA
RegDeleteValueA
LookupPrivilegeDisplayNameW
RegQueryMultipleValuesA
CryptSetProviderExA
CryptEnumProviderTypesW
CryptSignHashW
RegOpenKeyExA
CryptDecrypt
RegOpenKeyExW
LookupPrivilegeNameW
LookupAccountSidA
RegCreateKeyExW
RegSaveKeyA
RegEnumKeyA
CryptAcquireContextW
CryptEncrypt
InitiateSystemShutdownA
RegRestoreKeyA
CryptDestroyKey
StartServiceA
CryptGetProvParam
RegNotifyChangeKeyValue
RegCreateKeyExA
LookupPrivilegeDisplayNameA
RegCreateKeyW
LookupSecurityDescriptorPartsW
LookupPrivilegeValueW
RegEnumValueW
RegEnumKeyExA
ReportEventW
CryptAcquireContextA
GetUserNameA
RegEnumValueA
RegEnumKeyExW
RegOpenKeyA
CryptEnumProvidersA
StartServiceW
CryptGetUserKey
RegQueryValueExW
user32
CheckRadioButton
EnumClipboardFormats
GetDCEx
CreateMenu
LoadKeyboardLayoutW
TileChildWindows
PeekMessageA
GetOpenClipboardWindow
CreateDialogIndirectParamA
ModifyMenuA
GetUserObjectSecurity
FlashWindow
UnhookWindowsHookEx
EndPaint
CreateAcceleratorTableA
GetProcessWindowStation
SendNotifyMessageW
GetWindowTextLengthA
FlashWindowEx
MessageBoxExW
GetCaretBlinkTime
DrawIconEx
DdeQueryNextServer
LoadMenuIndirectW
IsWindow
RegisterDeviceNotificationW
GetClipboardData
SetScrollInfo
RegisterDeviceNotificationA
GetDesktopWindow
UnregisterDeviceNotification
ShowScrollBar
MapVirtualKeyExW
UnregisterHotKey
SetMessageExtraInfo
SubtractRect
GetDlgItem
OemToCharBuffW
DdeCreateDataHandle
DrawTextW
OpenWindowStationW
SetWindowRgn
CharLowerBuffW
SetUserObjectInformationA
RegisterClassExA
OemToCharW
DdeQueryStringW
CallNextHookEx
GetDialogBaseUnits
UnpackDDElParam
CharLowerW
ValidateRect
ChangeDisplaySettingsA
AttachThreadInput
LookupIconIdFromDirectory
RegisterClassW
GetQueueStatus
EnableScrollBar
SetRectEmpty
SwitchToThisWindow
GetMessagePos
BeginDeferWindowPos
IntersectRect
RemoveMenu
RegisterWindowMessageW
SetProcessWindowStation
SetForegroundWindow
DdeAbandonTransaction
GetNextDlgGroupItem
CharUpperBuffA
GetClassNameW
SetPropA
CloseWindow
DispatchMessageA
RealChildWindowFromPoint
SetCursorPos
GetWindowThreadProcessId
SetCaretBlinkTime
CharPrevW
GetKeyNameTextA
CreateCursor
MapDialogRect
VkKeyScanA
SetDlgItemInt
InsertMenuW
MapWindowPoints
LoadCursorFromFileW
SendDlgItemMessageA
DlgDirListW
IsCharLowerW
MonitorFromRect
SetWindowWord
wininet
InternetQueryOptionW
InternetWriteFileExA
InternetInitializeAutoProxyDll
IsHostInProxyBypassList
InternetTimeToSystemTimeA
FtpRemoveDirectoryW
InternetCreateUrlW
HttpQueryInfoW
UnlockUrlCacheEntryFile
InternetConfirmZoneCrossingW
FindNextUrlCacheEntryExW
GetUrlCacheEntryInfoExW
InternetSetDialStateW
FtpCommandW
FtpGetCurrentDirectoryW
HttpEndRequestA
InternetTimeToSystemTimeW
GetUrlCacheConfigInfoW
SetUrlCacheEntryGroupA
InternetAutodial
FtpCreateDirectoryW
InternetReadFileExA
ResumeSuspendedDownload
DeleteUrlCacheEntry
SetUrlCacheGroupAttributeA
shell32
SheGetDirA
Sections
.text Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 261KB - Virtual size: 261KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ