Static task: static1
Behavioral task: behavioral1
Sample: 66a64451860155d3d28a1ecbe8f221fe.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 66a64451860155d3d28a1ecbe8f221fe.exe
Resource: win10v2004-20231215-en
General
Target: 66a64451860155d3d28a1ecbe8f221fe
Size: 227KB
MD5: 66a64451860155d3d28a1ecbe8f221fe
SHA1: cac60e2bb62207cdd6d688f4f107f4acab9b4d19
SHA256: 781f95107c666df6b133f52362ec743dd07588cbe02197f5552e3a02f95aa246
SHA512: 5c386f5266b7a64504c707f20648b823a494615c0913d907d1ca3171c96c0c2741ef58dddb56868744dad48900eb5c94f53022ec47c67169c635e0e7d18b70b6
SSDEEP: 6144:GhEtebnPR8jUdG8lkncrYpm02uvhvrIo1m:3ed8YjGcrGiuvVIF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 66a64451860155d3d28a1ecbe8f221fe
Files
66a64451860155d3d28a1ecbe8f221fe.exe windows:4 windows x86 arch:x86
43a45b2e85fd26374ca5891d2c385793
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
FindAtomA
GetModuleHandleA
GetLogicalDriveStringsW
GetProcessHeap
GetTimeFormatW
QueryPerformanceFrequency
SetEvent
GetLongPathNameW
GetDateFormatA
EnumDateFormatsA
MulDiv
GetTickCount
GetEnvironmentStringsW
GetVolumeInformationA
IsValidLocale
lstrcpyW
OpenFile
GetShortPathNameA
OpenSemaphoreW
GetNumberFormatW
CopyFileExW
IsBadReadPtr
QueryPerformanceCounter
lstrcat
RemoveDirectoryA
GetShortPathNameW
GetExpandedNameW
GetCurrentDirectoryA
user32
PeekMessageW
SetCursorPos
GetForegroundWindow
AppendMenuW
GetSubMenu
GetMessageA
EnumWindows
RegisterWindowMessageA
GetActiveWindow
GetScrollPos
DestroyCursor
IsChild
RemoveMenu
GetMenuInfo
GetMenuItemInfoA
wvsprintfA
IsMenu
CreatePopupMenu
LoadCursorA
DialogBoxParamA
EndDialog
MonitorFromPoint
CreateDialogIndirectParamA
GetKeyboardType
gdi32
CreateEllipticRgn
SetMetaFileBitsEx
CreatePolyPolygonRgn
CreatePen
CreateFontIndirectExW
CreateDIBSection
CreateFontW
CreateFontIndirectA
CreateFontIndirectW
GetRasterizerCaps
StretchDIBits
GdiGetBatchLimit
CreateScalableFontResourceW
GetMetaFileA
comctl32
ImageList_SetBkColor
ImageList_BeginDrag
comdlg32
FindTextW
opengl32
glRects
glVertex2sv
glColor3s
wglDescribePixelFormat
setupapi
SetupDiGetDeviceInfoListDetailW
pSetupStringTableLookUpStringEx
SetupDiOpenDevRegKey
SetupInstallServicesFromInfSectionExW
SetupGetInfInformationA
wininet
FtpGetFileEx
FindNextUrlCacheEntryA
InternetTimeToSystemTime
SetUrlCacheEntryGroupA
InternetTimeToSystemTimeA
InternetEnumPerSiteCookieDecisionW
InternetAutodialHangup
DeleteUrlCacheEntryW
DeleteUrlCacheEntryA
FreeUrlCacheSpaceW
InternetGetCookieExA
InternetSetPerSiteCookieDecisionW
InternetSetOptionW
FtpRenameFileW
InternetClearAllPerSiteCookieDecisions
inetcomm
MimeOleCreateHashTable
MimeOleGetPropertySchema
HrGetAttachIcon
DllGetClassObject
GetDllMajorVersion
MimeOleGetFileInfo
wsock32
getservbyport
GetTypeByNameW
s_perror
WSAAsyncGetProtoByNumber
WSACancelAsyncRequest
recv
send
ntohl
WSAAsyncSelect
GetAddressByNameW
listen
WSASetBlockingHook
Sections
.qCTQQ Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.uGOK Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mvsNWD Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.kMTsm Size: 2KB - Virtual size: 475KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.NqvD Size: 3KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.WIF Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.M Size: 16KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.WiPC Size: 3KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ