Static task: static1
Behavioral task: behavioral1
Sample: 4e25371d4cf601c1bee3732f9c02e228.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 4e25371d4cf601c1bee3732f9c02e228.exe
Resource: win10v2004-20231215-en
General
Target: 4e25371d4cf601c1bee3732f9c02e228
Size: 434KB
MD5: 4e25371d4cf601c1bee3732f9c02e228
SHA1: f353de92ab64a8498b993d3cab4b0c03fb50d943
SHA256: 5fecb078d020bc78cf67f76ae6540e44eb2d88c9ff5e9a992707a08a960d4577
SHA512: 794d090ef3a80be616cd53e799659cc97e64972c7c21bfe1e384b9d5966727a3fe1181722e640812331bc694824f840301e3f9129c1f7b608032a0108bed48aa
SSDEEP: 12288:7SS+OWZhullJ8qAY8mxR3F7egpxSP+gV9GK5:7Snh6JRJxR3lfSPV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 4e25371d4cf601c1bee3732f9c02e228
Files
4e25371d4cf601c1bee3732f9c02e228.exe windows:4 windows x86 arch:x86
7069d50bfac6dde07f6947cf690ab62b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
CreateTapePartition
FindFirstFileA
lstrlen
InterlockedExchangeAdd
SetThreadPriority
GetCompressedFileSizeW
GetLongPathNameW
Module32First
LoadModule
FileTimeToLocalFileTime
GetStartupInfoA
GlobalLock
GlobalAlloc
GetComputerNameA
Thread32First
FreeLibraryAndExitThread
CreateMailslotW
LocalLock
SystemTimeToFileTime
MoveFileA
WriteFileGather
IsValidCodePage
Toolhelp32ReadProcessMemory
OutputDebugStringW
GetPrivateProfileIntW
GetProfileSectionA
GetCurrentDirectoryW
SetCriticalSectionSpinCount
GetAtomNameA
CreateToolhelp32Snapshot
CommConfigDialogW
GetCompressedFileSizeA
DeleteAtom
FreeLibrary
Heap32Next
SetThreadLocale
MapViewOfFile
SetSystemTime
ExpandEnvironmentStringsA
OpenProcess
GetDiskFreeSpaceA
WriteProcessMemory
GetModuleFileNameW
GlobalUnfix
FileTimeToSystemTime
GlobalAddAtomA
HeapValidate
BeginUpdateResourceW
GetNamedPipeInfo
CreateDirectoryExW
GetEnvironmentStringsA
LockFileEx
AddAtomW
WaitForMultipleObjectsEx
GetWindowsDirectoryA
GlobalGetAtomNameA
GetSystemTime
Heap32ListFirst
ReadConsoleOutputW
GetCalendarInfoA
GetTempPathA
ExitThread
GetSystemInfo
SleepEx
VirtualAllocEx
GetStartupInfoW
GetProcessVersion
GetStdHandle
FreeEnvironmentStringsW
TransactNamedPipe
GetThreadTimes
lstrcmpW
GetShortPathNameW
FormatMessageA
HeapLock
GetFileSize
GetDiskFreeSpaceW
DefineDosDeviceW
FillConsoleOutputCharacterA
GetMailslotInfo
GetFileType
ContinueDebugEvent
EnumResourceNamesA
SetThreadContext
CreateMutexW
MoveFileW
ConvertDefaultLocale
PeekNamedPipe
GetTempPathW
GetAtomNameW
FindResourceExW
InterlockedCompareExchange
IsDebuggerPresent
GetProfileSectionW
FindFirstFileExW
GetFullPathNameW
TerminateThread
SetEnvironmentVariableW
FindNextChangeNotification
EnumResourceTypesA
Heap32First
FlushInstructionCache
UnlockFileEx
GetModuleHandleW
ReadConsoleA
GetSystemDirectoryW
GetLogicalDriveStringsW
SetThreadAffinityMask
UnhandledExceptionFilter
LocalFileTimeToFileTime
GetProcessShutdownParameters
UnmapViewOfFile
LocalCompact
CreateConsoleScreenBuffer
GlobalMemoryStatus
ReleaseSemaphore
FoldStringA
OpenWaitableTimerW
GetThreadPriorityBoost
LockFile
HeapDestroy
FindAtomW
HeapCompact
SetConsoleCP
SetConsoleCursorInfo
VirtualUnlock
GetEnvironmentStringsW
GetConsoleScreenBufferInfo
WriteProfileStringW
GetFileTime
SetConsoleOutputCP
CreateFileA
EnumDateFormatsA
CreateProcessW
MultiByteToWideChar
MoveFileExA
DebugBreak
EnterCriticalSection
TransmitCommChar
PeekConsoleInputA
Heap32ListNext
FindFirstFileExA
lstrcatA
EnumDateFormatsW
FindCloseChangeNotification
EnumSystemLocalesW
LocalHandle
GetFullPathNameA
Module32Next
SetEndOfFile
SetConsoleScreenBufferSize
SetThreadExecutionState
GetConsoleTitleA
CreateWaitableTimerW
GetTimeFormatA
Process32Next
GetProfileIntA
TlsGetValue
SetConsoleActiveScreenBuffer
WaitNamedPipeW
FillConsoleOutputAttribute
GetFileAttributesA
ReadConsoleInputA
GetPrivateProfileSectionNamesW
LeaveCriticalSection
GlobalDeleteAtom
GetSystemPowerStatus
lstrcmpi
CreateEventW
ResumeThread
GetACP
WritePrivateProfileStringA
VirtualProtectEx
MoveFileExW
CreateEventA
GetNumberFormatA
GetVersion
WriteConsoleInputA
DuplicateHandle
GetLocaleInfoW
EnumCalendarInfoA
GetLocalTime
GetLargestConsoleWindowSize
WinExec
GetVersionExW
GetCommandLineA
OpenSemaphoreA
CopyFileA
FindNextFileW
GetEnvironmentStrings
GlobalGetAtomNameW
EnumCalendarInfoExW
EnumCalendarInfoExA
RtlMoveMemory
GetNumberFormatW
lstrcpyn
SetCurrentDirectoryW
SetConsoleTitleA
GetStringTypeExA
GetConsoleMode
GetNumberOfConsoleMouseButtons
DeleteCriticalSection
ReadConsoleOutputA
SetConsoleTitleW
GetPrivateProfileSectionNamesA
lstrcmpiW
CompareFileTime
lstrcmp
SetTimeZoneInformation
CloseHandle
SetLocaleInfoW
OpenSemaphoreW
WriteConsoleA
DeleteFileA
SetLocalTime
OpenWaitableTimerA
FormatMessageW
FindFirstChangeNotificationA
WriteConsoleOutputA
ReadFileEx
CreateDirectoryW
SetFileTime
GetConsoleCP
lstrcpyA
SetVolumeLabelW
OpenFileMappingW
OpenMutexW
WideCharToMultiByte
FreeEnvironmentStringsA
TlsAlloc
ReadFile
EnumResourceLanguagesW
GetPrivateProfileStructA
CreatePipe
InitializeCriticalSection
GetTempFileNameW
RtlFillMemory
IsValidLocale
EnumTimeFormatsW
lstrcpy
LocalFlags
CreateFileMappingA
GetPrivateProfileIntA
DosDateTimeToFileTime
GlobalFindAtomW
SearchPathA
FindFirstFileW
GetProcessTimes
GetFileAttributesExA
CommConfigDialogA
GetStringTypeW
GetLocaleInfoA
GetVersionExA
OutputDebugStringA
CreateSemaphoreW
GetVolumeInformationW
CreateMailslotA
SetFileAttributesA
SetSystemTimeAdjustment
GetDiskFreeSpaceExW
InitializeCriticalSectionAndSpinCount
WriteProfileStringA
FindResourceW
VirtualLock
SuspendThread
SetConsoleCtrlHandler
FillConsoleOutputCharacterW
WriteConsoleInputW
UnlockFile
GetCurrentDirectoryA
WriteFile
lstrcat
DefineDosDeviceA
EnumResourceLanguagesA
SetFileAttributesW
SetThreadIdealProcessor
GetThreadLocale
GetDriveTypeW
MapViewOfFileEx
ReadProcessMemory
ConnectNamedPipe
GetSystemTimeAdjustment
GetPriorityClass
DisconnectNamedPipe
CreateNamedPipeW
EnumSystemLocalesA
GetProcessAffinityMask
EscapeCommFunction
SetVolumeLabelA
CreateMutexA
ReadDirectoryChangesW
AddAtomA
UpdateResourceW
GetDiskFreeSpaceExA
WaitNamedPipeA
CreateThread
LoadResource
SetLastError
EnumSystemCodePagesA
GetShortPathNameA
SystemTimeToTzSpecificLocalTime
GetSystemDefaultLangID
GetTimeZoneInformation
OpenFile
TlsFree
GetEnvironmentVariableA
OpenFileMappingA
GetFileAttributesW
GetConsoleTitleW
HeapSize
DisableThreadLibraryCalls
GetLongPathNameA
DeleteFileW
SetThreadPriorityBoost
VirtualProtect
WriteProfileSectionA
GlobalFree
SearchPathW
GlobalFlags
HeapCreate
LocalUnlock
Thread32Next
SetLocaleInfoA
GetCurrencyFormatA
ReadConsoleInputW
VirtualFreeEx
EnumDateFormatsExW
GetExitCodeThread
VirtualFree
RemoveDirectoryA
SetEnvironmentVariableA
FlushConsoleInputBuffer
AllocConsole
LoadLibraryExA
GetHandleInformation
lstrcpyW
WriteFileEx
OpenEventA
GetPrivateProfileSectionW
SetFilePointer
FlushViewOfFile
GlobalAddAtomW
GetNamedPipeHandleStateW
EnumResourceNamesW
GetDateFormatW
SetPriorityClass
Sleep
WaitForSingleObject
GetWindowsDirectoryW
RtlZeroMemory
ReadConsoleOutputAttribute
GetThreadPriority
GlobalHandle
WriteConsoleOutputAttribute
GetStringTypeExW
GetProcessHeaps
EnumSystemCodePagesW
WritePrivateProfileStructA
LocalShrink
MulDiv
GetProfileStringW
GetPrivateProfileStringW
GetPrivateProfileStringA
lstrcatW
BeginUpdateResourceA
ResetWriteWatch
GetStringTypeA
CreateWaitableTimerA
ResetEvent
VirtualQueryEx
EnumDateFormatsExA
PeekConsoleInputW
WriteConsoleOutputCharacterA
CreateFileMappingW
CreateSemaphoreA
WriteConsoleW
GetUserDefaultLCID
GlobalCompact
HeapUnlock
FindResourceA
GetProfileIntW
WriteConsoleOutputW
WaitForDebugEvent
GetProcessHeap
SetConsoleMode
lstrcmpiA
OpenEventW
GetCurrencyFormatW
ReadFileScatter
CreateDirectoryExA
GetUserDefaultLangID
GetProcAddress
GlobalReAlloc
PulseEvent
LocalSize
WritePrivateProfileSectionA
WriteConsoleOutputCharacterW
lstrlenW
SetConsoleWindowInfo
CreateRemoteThread
TlsSetValue
GetCommandLineW
gdi32
CreateScalableFontResourceW
SetMetaRgn
CreateEnhMetaFileW
SetStretchBltMode
GetPolyFillMode
LineTo
CreateDIBPatternBrush
ColorMatchToTarget
GetLogColorSpaceA
StretchDIBits
GetBkColor
EnumICMProfilesA
SetICMProfileA
OffsetViewportOrgEx
GetColorSpace
SetWorldTransform
GetEnhMetaFileA
GetWorldTransform
GdiFlush
gdiPlaySpoolStream
CreateRectRgnIndirect
DeviceCapabilitiesExA
PolyPolyline
SelectClipPath
CloseEnhMetaFile
TextOutA
SetBoundsRect
SetBkColor
GetPixelFormat
CreateDCA
PolyDraw
GetClipRgn
EnableEUDC
CreateDIBitmap
GetROP2
IntersectClipRect
SetPixelFormat
CreatePen
GetTextExtentExPointA
StrokeAndFillPath
CreatePalette
CreateHalftonePalette
SetWindowOrgEx
CreatePatternBrush
GetLogColorSpaceW
EnumFontFamiliesExA
ResetDCA
GetAspectRatioFilterEx
SetColorSpace
SetPolyFillMode
GdiPlayDCScript
EnumFontFamiliesExW
GetMetaFileBitsEx
GetCharABCWidthsFloatW
EndPage
SetTextJustification
CreateDIBPatternBrushPt
GetWindowOrgEx
CreateICW
PtVisible
GetBkMode
GetTextCharsetInfo
CreateHatchBrush
GetCharacterPlacementA
SetPixelV
OffsetWindowOrgEx
EnumEnhMetaFile
GetEnhMetaFileHeader
GetBitmapDimensionEx
SetPaletteEntries
CreatePolyPolygonRgn
GetCurrentPositionEx
SetViewportExtEx
WidenPath
SetPixel
GetDCOrgEx
CreateColorSpaceW
CreateDCW
PlayEnhMetaFile
GetTextExtentPoint32W
GetGlyphOutline
SetEnhMetaFileBits
SaveDC
CopyEnhMetaFileW
EnumFontsA
CreateRectRgn
GetMiterLimit
StrokePath
TextOutW
GetFontData
GetMetaFileW
GetRgnBox
AbortDoc
EnumFontFamiliesA
EqualRgn
CopyMetaFileW
CreateDIBSection
LineDDA
EndDoc
GetICMProfileW
Polyline
SetTextAlign
GetCharABCWidthsW
AngleArc
ExtCreateRegion
RemoveFontResourceW
EnumFontFamiliesW
GetPaletteEntries
FixBrushOrgEx
SetGraphicsMode
SelectObject
CancelDC
Ellipse
EnumICMProfilesW
CreateEllipticRgn
GetKerningPairsA
GetTextCharset
GetCharWidthA
GetWinMetaFileBits
SetMapperFlags
SetDeviceGammaRamp
FrameRgn
GetKerningPairs
CreateFontIndirectA
SetBkMode
UpdateColors
CloseMetaFile
StartPage
GetPixel
UnrealizeObject
SetWinMetaFileBits
FloodFill
Chord
SetLayout
GetOutlineTextMetricsW
DPtoLP
DescribePixelFormat
GetCharWidthW
GetNearestPaletteIndex
StartDocA
GetCharWidth32W
GetDIBits
GetCharABCWidthsA
ResetDCW
RemoveFontResourceA
GetCharWidthFloatA
CreateICA
ColorCorrectPalette
RealizePalette
SetSystemPaletteUse
ArcTo
PolyTextOutW
EnumObjects
GetBrushOrgEx
CreateBitmapIndirect
CreateColorSpaceA
GetSystemPaletteUse
ChoosePixelFormat
DeleteObject
CheckColorsInGamut
DeviceCapabilitiesExW
SetMagicColors
EnumFontsW
GetEnhMetaFileDescriptionW
EnumMetaFile
SetAbortProc
PlayEnhMetaFileRecord
Polygon
PtInRegion
GetObjectType
CreateScalableFontResourceA
SwapBuffers
GetDeviceGammaRamp
AnimatePalette
GetColorAdjustment
LPtoDP
CombineRgn
GetBoundsRect
ExtFloodFill
RestoreDC
SetFontEnumeration
GetFontLanguageInfo
OffsetRgn
FillRgn
PlgBlt
CreateBitmap
CreateFontIndirectW
GetRandomRgn
GetTextColor
GetMetaFileA
SetRectRgn
GetGraphicsMode
GetStretchBltMode
CreateBrushIndirect
ScaleWindowExtEx
GetCharWidth32A
GetCharWidthFloatW
GetTextFaceA
GdiPlayScript
SetMapMode
FillPath
GetClipBox
GetCurrentObject
GetViewportExtEx
CreateFontA
Pie
CreateRoundRectRgn
GetMetaRgn
GetCharABCWidthsFloatA
GetGlyphOutlineW
GetTextExtentExPointW
SetViewportOrgEx
GetKerningPairsW
SetDIBitsToDevice
RectVisible
GetTextFaceW
DrawEscape
advapi32
RegSetValueExA
RegCreateKeyW
RegCreateKeyExA
RegQueryMultipleValuesA
CryptSetKeyParam
LookupPrivilegeNameW
RegOpenKeyA
CryptSetProviderExW
CryptCreateHash
LookupPrivilegeValueW
LookupPrivilegeDisplayNameA
RegLoadKeyW
RegQueryMultipleValuesW
CryptDestroyHash
CryptImportKey
RegConnectRegistryA
RegLoadKeyA
CryptEncrypt
CryptSetProviderA
RegConnectRegistryW
InitiateSystemShutdownA
CreateServiceA
InitializeSecurityDescriptor
CryptEnumProvidersA
comdlg32
PrintDlgW
GetSaveFileNameA
PageSetupDlgA
ChooseFontA
FindTextA
PageSetupDlgW
ReplaceTextA
GetFileTitleA
PrintDlgA
LoadAlterBitmap
ReplaceTextW
GetSaveFileNameW
wininet
InternetQueryFortezzaStatus
InternetSetOptionExW
HttpOpenRequestA
InternetCombineUrlW
InternetConfirmZoneCrossing
FindFirstUrlCacheEntryExA
InternetInitializeAutoProxyDll
UpdateUrlCacheContentPath
FtpFindFirstFileW
InternetQueryDataAvailable
GopherCreateLocatorA
ReadUrlCacheEntryStream
FtpGetCurrentDirectoryW
FindNextUrlCacheGroup
InternetSetOptionW
SetUrlCacheEntryGroupA
InternetCreateUrlA
GopherGetLocatorTypeW
InternetUnlockRequestFile
InternetSetDialStateW
InternetSetDialState
FtpCreateDirectoryW
InternetDialW
FtpPutFileA
InternetOpenA
InternetConfirmZoneCrossingW
InternetWriteFile
DeleteUrlCacheGroup
InternetSetOptionExA
UrlZonesDetach
InternetConnectA
RunOnceUrlCache
InternetAutodialHangup
FindFirstUrlCacheGroup
InternetGetConnectedStateExA
DeleteUrlCacheEntryW
GopherOpenFileW
InternetReadFileExA
FtpGetFileW
GopherFindFirstFileA
FtpDeleteFileW
HttpQueryInfoA
InternetCrackUrlW
InternetTimeToSystemTimeW
FindNextUrlCacheEntryExW
DeleteUrlCacheEntry
FtpGetFileSize
InternetReadFileExW
InternetCombineUrlA
InternetDialA
DeleteUrlCacheContainerW
CreateUrlCacheGroup
FtpPutFileEx
FindFirstUrlCacheEntryExW
InternetWriteFileExA
InternetCheckConnectionW
UnlockUrlCacheEntryStream
GopherCreateLocatorW
FtpRemoveDirectoryA
InternetOpenUrlW
FtpRenameFileA
InternetGetCertByURL
InternetConfirmZoneCrossingA
InternetSetOptionA
SetUrlCacheGroupAttributeW
InternetQueryOptionW
FindNextUrlCacheContainerW
FtpGetFileEx
FtpSetCurrentDirectoryA
RetrieveUrlCacheEntryStreamA
FtpOpenFileA
FtpPutFileW
HttpCheckDavCompliance
InternetCreateUrlW
FtpRemoveDirectoryW
GopherOpenFileA
InternetGetLastResponseInfoW
CreateUrlCacheContainerA
UnlockUrlCacheEntryFileA
SetUrlCacheEntryInfoA
SetUrlCacheEntryGroup
InternetAutodial
GetUrlCacheEntryInfoExA
InternetGetConnectedStateExW
DeleteIE3Cache
InternetErrorDlg
FtpCreateDirectoryA
FtpFindFirstFileA
InternetOpenUrlA
HttpSendRequestA
SetUrlCacheConfigInfoW
InternetSetFilePointer
FindNextUrlCacheEntryExA
InternetTimeFromSystemTime
GetUrlCacheGroupAttributeA
ShowX509EncodedCertificate
GetUrlCacheGroupAttributeW
ShowSecurityInfo
InternetSecurityProtocolToStringW
InternetOpenW
InternetCloseHandle
InternetCanonicalizeUrlW
ShowClientAuthCerts
InternetGetConnectedStateEx
GopherFindFirstFileW
DetectAutoProxyUrl
HttpSendRequestExA
RetrieveUrlCacheEntryFileW
InternetSecurityProtocolToStringA
HttpEndRequestA
SetUrlCacheGroupAttributeA
IncrementUrlCacheHeaderData
FtpGetFileA
HttpOpenRequestW
FindNextUrlCacheEntryA
InternetSetCookieA
LoadUrlCacheContent
shell32
ExtractIconExW
DragQueryFileAorW
SHGetNewLinkInfo
SHBrowseForFolder
RealShellExecuteW
Sections
.text Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 269KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ