Static task: static1
Behavioral task: behavioral1
Sample: 36e2f696d0f913ed84547dec988760260af5ea7c7467be4993148cf97f09954d.exe
Resource: win7-20231129-en
General
- Target: 36e2f696d0f913ed84547dec988760260af5ea7c7467be4993148cf97f09954d
- Size: 6.9MB
- MD5: 74216c64cc0fc1d22feb7bddb22afae2
- SHA1: c9af066ed22e7f927538769a2e4d47f459f860a9
- SHA256: 36e2f696d0f913ed84547dec988760260af5ea7c7467be4993148cf97f09954d
- SHA512: af19e4a6eba7b12e50d8ebca2c7139a08d67e481ed23eb7d19afac5e3986ed6ba9804344e1e8b0a670e9d0d92e4e1e70b4c2abfce15bb645ec735472cee41153
- SSDEEP: 98304:o57lBcSEMxRNeWgR1zsroXdHJy1U3zxKEBz9s5FBpjla:o5ncSddM3zxKEB2LBpjl
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  Processes: resource 36e2f696d0f913ed84547dec988760260af5ea7c7467be4993148cf97f09954d
Files
- 36e2f696d0f913ed84547dec988760260af5ea7c7467be4993148cf97f09954d.exe (windows:6 windows x86 arch:x86)
  5139b7a42b49b4a13b6d4f5981ad92a8
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
- libcef: cef_string_list_append, cef_string_utf8_clear, cef_string_utf16_to_utf8, cef_string_utf8_to_utf16, cef_string_utf16_set, cef_string_utf16_cmp, cef_string_ascii_to_utf16, cef_string_multimap_key, cef_string_multimap_free, cef_string_multimap_alloc, cef_string_utf16_clear, cef_string_multimap_value, cef_string_map_append, cef_string_list_value, cef_string_list_size, cef_string_map_size, cef_string_multimap_size, cef_string_map_value, cef_string_map_key, cef_string_multimap_append, cef_log, cef_initialize, cef_quit_message_loop, cef_string_userfree_utf16_free, cef_run_message_loop, cef_api_hash, cef_execute_process, cef_string_list_alloc, cef_shutdown, cef_uriencode, cef_base64encode, cef_string_list_free, cef_command_line_create, cef_string_map_alloc, cef_string_map_free, cef_command_line_get_global, cef_browser_host_create_browser, cef_enable_highdpi_support
- kernel32: GetFileType, SetStdHandle, QueryPerformanceFrequency, HeapQueryInformation, FreeLibraryAndExitThread, ExitThread, CreateThread, GetCommandLineA, VirtualQuery, VirtualAlloc, GetDateFormatW, GetModuleHandleExW, ExitProcess, RtlUnwind, GetCPInfo, GetStringTypeW, LCMapStringW, OutputDebugStringW, GetStdHandle, GetTimeFormatW, IsValidLocale, GetTimeZoneInformation, GetConsoleCP, GetConsoleMode, SetFilePointerEx, FindFirstFileExW, GetStartupInfoW, IsDebuggerPresent, InitializeSListHead, GetSystemTimeAsFileTime, QueryPerformanceCounter, WaitForSingleObjectEx, ResetEvent, IsProcessorFeaturePresent, TerminateProcess, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetUserDefaultLCID, EnumSystemLocalesW, GetTempFileNameW, GetProfileIntW, SearchPathW, GetTempPathW, GetWindowsDirectoryW, SetErrorMode, VerifyVersionInfoW, VerSetConditionMask, VirtualProtect, GetUserDefaultUILanguage, GetSystemDefaultUILanguage, GetLocaleInfoW, GlobalFlags, GlobalGetAtomNameW, LocalReAlloc, LocalAlloc, GlobalHandle, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, InitializeCriticalSection, GetFileSizeEx, GetFileAttributesExW, FileTimeToLocalFileTime, GetThreadLocale, lstrcmpiW, DuplicateHandle, WriteFile, UnlockFile, SetFilePointer, SetEndOfFile, ReadFile, LockFile, GetFullPathNameW, FlushFileBuffers, ResumeThread, SuspendThread, SetThreadPriority, CreateEventW, WaitForSingleObject, SetEvent, CompareStringA, WriteConsoleW, lstrcmpA, GetCurrentThread, GlobalReAlloc, InitializeCriticalSectionAndSpinCount, GetFileSize, GetCurrentProcessId, CompareStringW, GlobalFindAtomW, GlobalAddAtomW, lstrcmpW, GlobalDeleteAtom, LoadLibraryA, LoadLibraryExW, GetSystemDirectoryW, GetCurrentThreadId, EncodePointer, GetModuleHandleA, GetModuleFileNameW, OutputDebugStringA, MulDiv, GlobalSize, SetLastError, FreeLibrary, LoadLibraryW, CopyFileW, DeleteFileW, SetFileAttributesW, GetProcessHeap, DeleteCriticalSection, DecodePointer, HeapAlloc, RaiseException, HeapReAlloc, HeapSize, InitializeCriticalSectionEx, LeaveCriticalSection, EnterCriticalSection, HeapFree, GetCurrentProcess, GetProcAddress, GetVolumeInformationW, GetDriveTypeW, GetLogicalDrives, MultiByteToWideChar, GetCommandLineW, FindResourceExW, GetPrivateProfileIntW, GetModuleHandleW, GetPrivateProfileStringW, WritePrivateProfileStringW, GetCurrentDirectoryW, WideCharToMultiByte, GetFileAttributesW, Sleep, GetTickCount, SystemTimeToTzSpecificLocalTime, FileTimeToSystemTime, GetFileTime, GlobalLock, GlobalAlloc, GlobalFree, GlobalUnlock, lstrlenW, lstrcpyW, GetVersionExW, FindClose, FindNextFileW, FindFirstFileW, CloseHandle, CreateFileW, LocalFree, FormatMessageW, GetLastError, CreateDirectoryW, FindResourceW, LoadResource, LockResource, SizeofResource, IsValidCodePage, GetACP, GetOEMCP, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableW, GetSystemInfo
- user32: WaitMessage, IsZoomed, PostQuitMessage, CopyImage, LoadImageW, DestroyIcon, IsRectEmpty, DrawStateW, EmptyClipboard, SetClipboardData, CloseClipboard, OpenClipboard, SystemParametersInfoW, SetRectEmpty, SendDlgItemMessageA, WindowFromPoint, LoadMenuW, GetWindowThreadProcessId, ClientToScreen, ReleaseDC, GetWindowDC, SetMenuItemInfoW, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, EnableMenuItem, CheckMenuItem, IsDialogMessageW, SetWindowTextW, CheckDlgButton, WinHelpW, GetScrollInfo, SetScrollInfo, CallNextHookEx, UnhookWindowsHookEx, SetWindowsHookExW, GetLastActivePopup, GetTopWindow, GetClassNameW, GetClassLongW, MapWindowPoints, ScreenToClient, AdjustWindowRectEx, GetWindowTextLengthW, GetWindowTextW, RemovePropW, GetPropW, SetPropW, ShowScrollBar, GetScrollRange, SetScrollRange, GetScrollPos, SetScrollPos, ScrollWindow, RedrawWindow, ValidateRect, EndPaint, BeginPaint, TrackPopupMenu, SetMenu, GetMenu, GetCapture, GetKeyState, GetFocus, SetFocus, GetDlgCtrlID, IsWindowVisible, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, SetWindowPlacement, GetWindowPlacement, SetWindowPos, IsChild, MapDialogRect, CreateWindowExW, GetClassInfoExW, GetClassInfoW, RegisterClassW, CallWindowProcW, DefWindowProcW, GetMessageTime, GetMessagePos, PeekMessageW, DispatchMessageW, RegisterWindowMessageW, GetDesktopWindow, SetActiveWindow, IsWindowEnabled, GetActiveWindow, GetNextDlgTabItem, GetDlgItem, EndDialog, CreateDialogIndirectParamW, RemoveMenu, InsertMenuW, GetMenuItemCount, GetMenuItemID, GetSubMenu, GetMenuState, GetMenuStringW, UnregisterClassW, GetMessageW, TranslateMessage, ShowOwnedPopups, SetTimer, IsIconic, DrawIcon, CharUpperW, DestroyMenu, IntersectRect, GetMonitorInfoW, MonitorFromWindow, SetRect, MonitorFromPoint, EnumDisplayMonitors, GetSysColor, DrawEdge, SetWindowLongW, GetWindowLongW, LoadBitmapW, SetForegroundWindow, KillTimer, keybd_event, GetCursorPos, GetMenuItemInfoW, GetKeyNameTextW, MapVirtualKeyW, GetSysColorBrush, RealChildWindowFromPoint, GetAsyncKeyState, TrackMouseEvent, SetLayeredWindowAttributes, RegisterClipboardFormatW, DrawFrameControl, DrawFocusRect, DrawIconEx, DeleteMenu, NotifyWinEvent, LoadCursorW, SetCursor, GetWindow, SetWindowRgn, UnionRect, SetParent, GetIconInfo, BringWindowToTop, LoadAcceleratorsW, TranslateAcceleratorW, CreatePopupMenu, InsertMenuItemW, SetWindowContextHelpId, UnpackDDElParam, ReuseDDElParam, CopyRect, GetWindowRgn, DestroyCursor, CreateMenu, GetComboBoxInfo, GetUpdateRect, SubtractRect, MapVirtualKeyExW, IsCharLowerW, TranslateMDISysAccel, DefMDIChildProcW, DefFrameProcW, PostMessageW, MessageBoxW, GetForegroundWindow, IsWindow, ShowWindow, MoveWindow, UpdateWindow, DestroyWindow, EnableWindow, MessageBeep, SendMessageW, EqualRect, GetClientRect, GetParent, GetWindowRect, InvalidateRect, TabbedTextOutW, DrawTextW, DrawTextExW, GrayStringW, ReleaseCapture, PtInRect, SetCapture, GetDC, InflateRect, OffsetRect, FillRect, LoadIconW, GetSystemMenu, AppendMenuW, GetSystemMetrics, DrawMenuBar, UpdateLayeredWindow, CharUpperBuffW, SetMenuDefaultItem, GetDoubleClickTime, IsClipboardFormatAvailable, FrameRect, CopyIcon, SetCursorPos, InvertRect, HideCaret, EnableScrollBar, GetMenuDefaultItem, GetNextDlgGroupItem, InvalidateRgn, CharNextW, SetClassLongW, LockWindowUpdate, EnumChildWindows, CopyAcceleratorTableW, DestroyAcceleratorTable, CreateAcceleratorTableW, GetKeyboardState, GetKeyboardLayout, ToUnicodeEx, PostThreadMessageW, ModifyMenuW, IsMenu
- gdi32: DeleteDC, SetBkColor, SetTextColor, Ellipse, CreateDCW, SetViewportOrgEx, SetViewportExtEx, GetDeviceCaps, CreateDIBPatternBrushPt, CopyMetaFileW, GetObjectW, CreateBitmap, CreateHatchBrush, CreatePatternBrush, ExcludeClipRect, GetClipBox, GetObjectType, GetPixel, GetStockObject, GetViewportExtEx, GetWindowExtEx, IntersectClipRect, LineTo, RestoreDC, SaveDC, SelectClipRgn, ExtSelectClipRgn, SelectPalette, SetBkMode, SetMapMode, SetLayout, GetLayout, SetPolyFillMode, SetROP2, SetTextAlign, MoveToEx, SetWindowExtEx, DeleteObject, OffsetViewportOrgEx, OffsetWindowOrgEx, ScaleViewportExtEx, ScaleWindowExtEx, CreateRectRgnIndirect, GetMapMode, PatBlt, SetRectRgn, DPtoLP, RealizePalette, StretchBlt, CreateDIBSection, SetDIBColorTable, GetTextMetricsW, CreateDIBitmap, EnumFontFamiliesW, GetTextCharsetInfo, GetTextColor, GetBkColor, CreatePolygonRgn, Polygon, Polyline, Rectangle, GetRgnBox, OffsetRgn, EnumFontFamiliesExW, CreatePalette, GetNearestPaletteIndex, GetPaletteEntries, GetSystemPaletteEntries, LPtoDP, RoundRect, ExtFloodFill, SetPaletteEntries, GetViewportOrgEx, GetWindowOrgEx, FillRgn, FrameRgn, GetBoundsRect, PtInRegion, GetTextFaceW, SetPixelV, CreateEllipticRgn, CombineRgn, CreateRectRgn, CreateRoundRectRgn, SetPixel, CreatePen, GetTextExtentPoint32W, SelectObject, CreateFontIndirectW, Escape, ExtTextOutW, TextOutW, RectVisible, PtVisible, CreateSolidBrush, BitBlt, CreateCompatibleBitmap, SetWindowOrgEx, GetDIBits, CreateCompatibleDC
- msimg32: TransparentBlt, AlphaBlend
- winspool.drv: ClosePrinter, DocumentPropertiesW, OpenPrinterW
- advapi32: RegEnumKeyW, RegQueryValueExW, RegCloseKey, RegOpenKeyExW, RegEnumKeyExW, RegEnumValueW, RegQueryValueW, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, RegSetValueExW
- shell32: ShellExecuteW, SHGetDesktopFolder, SHGetPathFromIDListW, SHGetSpecialFolderLocation, SHGetMalloc, SHAppBarMessage, DragFinish, DragQueryFileW, SHGetFileInfoW, SHGetFolderPathW, SHBrowseForFolderW
- comctl32: InitCommonControlsEx, ImageList_AddMasked, _TrackMouseEvent
- shlwapi: PathFindFileNameW, PathStripToRootW, PathRemoveFileSpecW, StrFormatKBSizeW, PathIsUNCW, PathFileExistsW, PathFindExtensionW
- uxtheme: GetThemeSysColor, DrawThemeParentBackground, OpenThemeData, CloseThemeData, DrawThemeBackground, GetThemeColor, GetCurrentThemeName, GetWindowTheme, DrawThemeText, IsThemeBackgroundPartiallyTransparent, GetThemePartSize, IsAppThemed
- ole32: CoTaskMemFree, CreateStreamOnHGlobal, CoRegisterMessageFilter, CoRevokeClassObject, IsAccelerator, OleTranslateAccelerator, OleDestroyMenuDescriptor, OleCreateMenuDescriptor, RevokeDragDrop, RegisterDragDrop, CoLockObjectExternal, OleUninitialize, OleInitialize, CoFreeUnusedLibraries, OleLockRunning, DoDragDrop, OleIsCurrentClipboard, OleFlushClipboard, OleGetClipboard, CreateILockBytesOnHGlobal, StgOpenStorageOnILockBytes, StgCreateDocfileOnILockBytes, CoGetClassObject, CoDisconnectObject, CoInitializeEx, CoInitialize, CoCreateInstance, CLSIDFromProgID, CLSIDFromString, CoCreateGuid, CoUninitialize, ReleaseStgMedium, OleDuplicateData, CoTaskMemAlloc
- oleaut32: VariantCopy, LoadTypeLi, SysStringLen, SystemTimeToVariantTime, VariantTimeToSystemTime, SafeArrayDestroy, VariantChangeType, VariantClear, VarBstrFromDate, OleCreateFontIndirect, VariantInit, SysFreeString, SysAllocString, SysAllocStringLen
- oledlg: OleUIBusyW
- gdiplus: GdipFillRectangle, GdipGetImageGraphicsContext, GdipGetImagePixelFormat, GdipGetImagePalette, GdipGetImagePaletteSize, GdipCreateBitmapFromScan0, GdipBitmapLockBits, GdipDrawImageI, GdipCreateBitmapFromHBITMAP, GdipBitmapUnlockBits, GdipGraphicsClear, GdiplusStartup, GdipFree, GdipDisposeImage, GdipAlloc, GdipCloneImage, GdipCreateBitmapFromStream, GdipCreateFromHDC, GdipDeleteGraphics, GdipDrawImageRectI, GdipCreateImageAttributes, GdipDisposeImageAttributes, GdipSetImageAttributesColorMatrix, GdipGetImageWidth, GdipGetImageHeight, GdipDrawImageRectRect, GdipSetSmoothingMode, GdipSetInterpolationMode, GdipCreateFontFamilyFromName, GdipDeleteFontFamily, GdipCreateStringFormat, GdipDeleteStringFormat, GdipCreatePath, GdipDeletePath, GdipAddPathStringI, GdipCreatePen1, GdipDeletePen, GdipDrawPath, GdipCreateLineBrushI, GdipDeleteBrush, GdipCloneBrush, GdipSetPenLineJoin, GdipCreateSolidFill, GdipFillPath, GdiplusShutdown
- ws2_32: WSAStartup, WSASetLastError, WSACleanup
- oleacc: LresultFromObject, AccessibleObjectFromWindow, CreateStdAccessibleObject
- imm32: ImmReleaseContext, ImmGetOpenStatus, ImmGetContext
- winmm: PlaySoundW
Sections
- .text: Size 1.9MB, Virtual size 1.9MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 445KB, Virtual size 444KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 44KB, Virtual size 62KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 4.4MB, Virtual size 4.4MB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc: Size 173KB, Virtual size 173KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ