Static task: static1
Behavioral task: behavioral1
  Sample: 225df107f273aec4d53dae85ee7a9fd7.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 225df107f273aec4d53dae85ee7a9fd7.exe
  Resource: win10v2004-20231215-en
General
Target: 225df107f273aec4d53dae85ee7a9fd7
Size: 76KB
MD5: 225df107f273aec4d53dae85ee7a9fd7
SHA1: 17030b366f3453951f5a5f39728f6df7d8a58aca
SHA256: 91643c3eb827708e4e39b070b3239d35f394da46f7d50760bfd19a68bd69656b
SHA512: bc2b2adcdf936dd375e4348be67e7ce88254fb92b1da955d6b78425d969f7b694502e8fec0468bc48b9901d4636e8be63b85635d0a5f35b2906b24038e3540da
SSDEEP: 1536:42H3ghyOkEhYv11BKCHJbIsxoTv8r6+UTam6h7qfLOegdpGO:7HajYvJZpcDT8r6bTOegr
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
  resource: 225df107f273aec4d53dae85ee7a9fd7
Files
225df107f273aec4d53dae85ee7a9fd7.exe  windows:4 windows x86 arch:x86
83fe1e12b08d75b162dfc3051410718f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleOutputW
FatalAppExitA
GetTempPathW
IsBadCodePtr
GetModuleHandleA
GetNumberOfConsoleInputEvents
ReadConsoleInputA
SignalObjectAndWait
TerminateThread
GetCalendarInfoW
Process32First
GlobalCompact
GetLogicalDrives
VirtualProtect
WriteConsoleInputW
GetTimeFormatA
GetFileTime
LoadResource
IsBadHugeReadPtr
GetProcessTimes
ReleaseSemaphore
RequestWakeupLatency
SetSystemTime
LockFile
GlobalAddAtomW
GlobalFindAtomA
CreateNamedPipeA
GetLongPathNameW
ReadProcessMemory
GetCPInfoExA
CancelIo
DeleteFileW
EnumDateFormatsExA
GetCommModemStatus
LocalFileTimeToFileTime
OpenEventW
GetOEMCP
SetLastError
QueueUserAPC
LCMapStringA
MoveFileA
GetDiskFreeSpaceA
WriteFile
GetCPInfo
WideCharToMultiByte
LockResource
WritePrivateProfileStringA
lstrcmpi
CreateToolhelp32Snapshot
QueryPerformanceFrequency
OpenProcess
GetSystemInfo
GetConsoleOutputCP
GetWindowsDirectoryW
RemoveDirectoryA
FreeEnvironmentStringsW
ReadFileEx
GetCalendarInfoA
GlobalFree
GetDriveTypeA
GetFullPathNameA
FreeEnvironmentStringsA
LockFileEx
IsValidLocale
EnumResourceTypesA
GetVolumeInformationA
DefineDosDeviceA
FindNextFileA
PrepareTape
FlushConsoleInputBuffer
GetQueuedCompletionStatus
SetConsoleMode
SetCommBreak
GetFileAttributesA
EndUpdateResourceW
GetProfileSectionA
ReadConsoleOutputCharacterW
GetConsoleTitleW
VirtualFreeEx
CreateEventW
WriteProfileSectionA
VirtualAlloc
shlwapi
PathRemoveBlanksA
PathRemoveArgsA
SHRegOpenUSKeyA
StrFormatByteSizeA
StrRChrA
UrlIsOpaqueA
UrlCanonicalizeW
PathRemoveExtensionA
PathUndecorateW
SHOpenRegStream2A
SHDeleteKeyW
StrRChrW
StrRStrIA
PathFileExistsA
ColorHLSToRGB
StrSpnA
StrChrW
PathCreateFromUrlW
PathFindFileNameW
UrlCanonicalizeA
StrRetToStrW
UrlUnescapeA
PathUnquoteSpacesW
SHOpenRegStreamA
PathIsLFNFileSpecW
StrToIntA
StrDupW
UrlGetPartW
PathRemoveFileSpecW
PathIsFileSpecA
PathIsContentTypeA
SHSetValueA
PathIsURLA
StrIsIntlEqualW
UrlIsA
SHGetValueW
SHRegDeleteEmptyUSKeyW
SHQueryInfoKeyA
StrFormatKBSizeA
StrTrimW
PathFindExtensionA
SHSkipJunction
PathParseIconLocationW
PathRemoveArgsW
PathSkipRootA
PathGetArgsA
wnsprintfW
PathCanonicalizeA
PathFindOnPathA
UrlEscapeA
PathIsUNCServerW
SHAutoComplete
ChrCmpIA
PathIsUNCA
AssocQueryStringA
SHDeleteEmptyKeyW
PathCreateFromUrlA
StrPBrkW
PathSetDlgItemPathA
StrFromTimeIntervalA
PathRemoveFileSpecA
PathCombineW
StrCmpNIW
UrlIsNoHistoryW
PathMakeSystemFolderA
PathCombineA
StrFormatByteSizeW
SHGetThreadRef
SHEnumValueW
PathAddBackslashW
PathFindNextComponentW
SHRegGetUSValueW
PathFindNextComponentA
GetMenuPosFromID
user32
EmptyClipboard
GetNextDlgTabItem
GetUpdateRgn
SetWindowRgn
GetDlgItemTextA
EnumWindowStationsA
DialogBoxIndirectParamW
EnumDesktopsW
GetTitleBarInfo
GetUserObjectInformationA
IsCharAlphaW
GetInputState
SetMenuDefaultItem
CharLowerA
GetKeyboardLayoutList
GetDialogBaseUnits
GetKeyboardState
GetDCEx
TranslateAcceleratorA
CharPrevExA
FillRect
GetKBCodePage
GetForegroundWindow
SetRectEmpty
GetCaretPos
SetMenuItemInfoA
LoadAcceleratorsW
EnumPropsExW
SubtractRect
SendMessageW
EnumDisplaySettingsW
GetTabbedTextExtentW
CreateIcon
IsCharLowerW
CharLowerBuffW
SetScrollPos
SetMenu
RegisterClipboardFormatW
GetUpdateRect
EndPaint
SendNotifyMessageW
GrayStringW
GetWindowRect
CreateAcceleratorTableW
DlgDirSelectComboBoxExA
RegisterClassExA
CopyRect
DdeGetLastError
TranslateAccelerator
GetMenuItemInfoW
TabbedTextOutW
ShowScrollBar
CheckRadioButton
GetKeyboardLayoutNameA
IsIconic
CreateIconFromResourceEx
TranslateMessage
AppendMenuA
OemToCharW
LoadAcceleratorsA
InSendMessageEx
SetFocus
GetKeyNameTextW
GetMenuItemRect
EnableMenuItem
SetUserObjectSecurity
RealChildWindowFromPoint
CharToOemW
ValidateRect
SetDeskWallpaper
DdeUnaccessData
SetWindowPos
BlockInput
advapi32
GetExplicitEntriesFromAclW
ConvertSecurityDescriptorToAccessW
BuildExplicitAccessWithNameA
CryptCreateHash
EqualSid
ObjectOpenAuditAlarmA
CryptSetProviderExW
RegLoadKeyA
CryptGetUserKey
GetAuditedPermissionsFromAclW
OpenServiceW
SetSecurityDescriptorDacl
ImpersonateSelf
SetServiceStatus
CryptContextAddRef
GetMultipleTrusteeW
SetFileSecurityW
SetSecurityDescriptorGroup
ChangeServiceConfigW
GetSidLengthRequired
LogonUserW
ImpersonateNamedPipeClient
CryptEnumProviderTypesA
CryptVerifySignatureA
QueryServiceConfigW
RegEnumKeyW
BuildTrusteeWithNameW
SetNamedSecurityInfoExA
LookupPrivilegeNameW
DuplicateTokenEx
GetServiceDisplayNameA
CryptAcquireContextA
GetSecurityDescriptorControl
GetUserNameW
SetServiceBits
LogonUserA
OpenEventLogA
UnlockServiceDatabase
RegCreateKeyA
RegQueryMultipleValuesW
AllocateAndInitializeSid
CryptSetProviderA
SetSecurityInfoExW
CryptEnumProvidersA
SetSecurityInfoExA
CryptDuplicateHash
CreateProcessAsUserW
GetNamedSecurityInfoExA
GetTrusteeNameW
RegFlushKey
BuildImpersonateTrusteeA
OpenEventLogW
CryptGetProvParam
FindFirstFreeAce
CryptGenRandom
ReportEventW
SetEntriesInAclW
GetServiceDisplayNameW
RegQueryValueA
SetTokenInformation
StartServiceCtrlDispatcherA
SetSecurityInfo
SetNamedSecurityInfoA
RegOpenKeyExA
GetUserNameA
SetKernelObjectSecurity
EnumDependentServicesW
ConvertAccessToSecurityDescriptorA
ImpersonateLoggedOnUser
InitiateSystemShutdownA
ObjectCloseAuditAlarmA
DeregisterEventSource
GetSecurityDescriptorGroup
ObjectPrivilegeAuditAlarmW
BackupEventLogW
RegDeleteKeyA
CryptDuplicateKey
BuildSecurityDescriptorW
BuildImpersonateTrusteeW
ole32
StgOpenStorageOnILockBytes
RegisterDragDrop
CoMarshalInterface
OleDraw
CoGetPSClsid
OleCreateLinkEx
OleCreateEmbeddingHelper
CoGetMarshalSizeMax
CreateGenericComposite
OleCreateLink
CreateBindCtx
CoQueryProxyBlanket
CoQueryReleaseObject
ProgIDFromCLSID
CoRegisterPSClsid
OleCreateEx
OleSetClipboard
GetHGlobalFromILockBytes
CoGetInterfaceAndReleaseStream
OleDestroyMenuDescriptor
CoGetInstanceFromFile
CreateDataCache
CreateOleAdviseHolder
GetClassFile
OleSetMenuDescriptor
CoRevertToSelf
CreateObjrefMoniker
OleSaveToStream
OleQueryLinkFromData
ReadClassStm
StgOpenAsyncDocfileOnIFillLockBytes
WriteClassStg
OleCreateFromData
OleGetIconOfClass
GetHGlobalFromStream
CoRegisterMallocSpy
OleConvertIStorageToOLESTREAM
CreateItemMoniker
CoResumeClassObjects
CoReleaseMarshalData
OleLoadFromStream
CoRegisterSurrogate
OleCreateMenuDescriptor
CoGetStandardMarshal
MkParseDisplayName
RevokeDragDrop
WriteFmtUserTypeStg
CoBuildVersion
OleDuplicateData
CoFreeAllLibraries
OleUninitialize
CoGetCurrentProcess
StgCreateDocfile
CoRegisterMessageFilter
OleIsRunning
StgOpenStorage
CreatePointerMoniker
UtGetDvtd32Info
CoCreateInstance
CoRevokeClassObject
CoMarshalInterThreadInterfaceInStream
CoFreeLibrary
StringFromIID
CoLockObjectExternal
CoGetObject
WriteClassStm
OleCreateFromDataEx
Sections
.text  Size: 64KB - Virtual size: 63KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size: 11KB - Virtual size: 10KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data  Size: 512B - Virtual size: 8KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE