Static task: static1
Behavioral task: behavioral1
Sample: 674bbc42903815ccbdcb024e6d5755b8.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 674bbc42903815ccbdcb024e6d5755b8.exe
Resource: win10v2004-20231222-en
General
Target: 674bbc42903815ccbdcb024e6d5755b8
Size: 36KB
MD5: 674bbc42903815ccbdcb024e6d5755b8
SHA1: d8fd038cccccc58f1ffc17d8f96664ac881bb2af
SHA256: 8d8090212bafbb7d9172a2b5dfb887f8f4bdd414c6bd175228a010c17b06799b
SHA512: 86bd0bc399bb72cbb68408241dcd4dac414171bb0efc0b06a559024a2b4a01919972a47d03d52c5a163f60fd4f1441c385ff44537cd059230de92aa3c4d07e1f
SSDEEP: 768:Z4f+/pkYp7sM1A4kVgrjqGs8BhpzjxR6mcCht:if+/pkoC0qGs8Dpzjb6M
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 674bbc42903815ccbdcb024e6d5755b8
Files
674bbc42903815ccbdcb024e6d5755b8.exe windows:4 windows x86 arch:x86
8630f68af088490ae43dd1d414ad20e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
LockServiceDatabase
RegDeleteKeyA
DestroyPrivateObjectSecurity
GetServiceKeyNameW
GetUserNameA
LookupAccountSidA
GetUserNameW
InitiateSystemShutdownW
RegReplaceKeyA
GetFileSecurityA
RegRestoreKeyW
OpenThreadToken
RegOpenKeyW
RegEnumValueA
NotifyChangeEventLog
GetServiceDisplayNameA
UnlockServiceDatabase
CryptGetProvParam
RegOpenKeyA
CryptDeriveKey
AbortSystemShutdownA
kernel32
GetStdHandle
SetLocaleInfoA
GetProcessPriorityBoost
GetModuleHandleA
GetModuleHandleW
GetLocalTime
SetConsoleCursorPosition
GetFileAttributesW
SetConsoleWindowInfo
InterlockedIncrement
EnumCalendarInfoA
DebugBreak
VirtualAllocEx
GetStartupInfoW
WideCharToMultiByte
InterlockedExchange
_lread
lstrcmpW
GetLastError
OpenEventW
FindResourceW
VirtualFree
FreeEnvironmentStringsA
_llseek
HeapValidate
lstrcmpA
GetCurrentThreadId
GetCommandLineW
EnumSystemLocalesA
RequestDeviceWakeup
CreateMailslotW
lstrcmpiA
GetDiskFreeSpaceExA
lstrcmpiW
HeapCompact
ExitProcess
GetProfileStringW
OpenMutexW
FlushViewOfFile
SetCommTimeouts
DeleteFiber
lstrlenA
FillConsoleOutputCharacterW
DisableThreadLibraryCalls
GetProcessHeap
TransactNamedPipe
SearchPathW
OpenWaitableTimerA
SetConsoleTitleW
SetErrorMode
GetDefaultCommConfigA
GetComputerNameA
FreeConsole
LoadModule
msvcrt
_futime
iswpunct
floor
fgetc
atexit
__doserrno
_access
time
_abnormal_termination
_getche
_wcsnset
_cwait
__fpecode
_ismbcsymbol
_wasctime
_wperror
wcsncmp
fgetpos
fwrite
bsearch
_beginthread
_strdate
_fileinfo
puts
__initenv
_winver
_CIatan2
_wspawnv
_ismbbkana
calloc
_open
fflush
frexp
__p__commode
gdi32
GetMiterLimit
RectInRegion
GetObjectA
SetLayout
SetLayout
GetROP2
CreateBrushIndirect
CancelDC
GetTextCharset
CreateHatchBrush
GetWinMetaFileBits
GetCurrentPositionEx
GetObjectType
RealizePalette
CreateCompatibleDC
SetStretchBltMode
AnimatePalette
CreateFontIndirectA
PolyTextOutW
GetCharABCWidthsFloatW
GetTextMetricsA
SwapBuffers
EqualRgn
GetCharABCWidthsFloatA
GetFontLanguageInfo
CopyEnhMetaFileA
user32
GetCaretPos
SetScrollPos
LoadAcceleratorsW
GetMonitorInfoA
SetClipboardData
CreateDialogIndirectParamA
GetWindowTextA
GetCapture
OpenDesktopW
ScreenToClient
GetWindowWord
EndPaint
mouse_event
DdePostAdvise
GetThreadDesktop
MessageBoxW
IMPQueryIMEA
GetClipboardSequenceNumber
CharUpperA
FindWindowExA
DdeGetData
SendNotifyMessageA
CreateWindowStationW
GetClassNameW
FindWindowExW
DefFrameProcW
LoadStringA
IsIconic
InsertMenuItemA
UnregisterClassA
GetProcessWindowStation
DdeCreateStringHandleW
Sections
.text Size: 22KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.okl Size: 7KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gtwd Size: 5KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ