C:\UFRU\ZEE.PDB
Static task: static1

Behavioral task: behavioral1
Sample: 788ade1f2583b48f76de1dca09bfde9b.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 788ade1f2583b48f76de1dca09bfde9b.exe
Resource: win10v2004-20231222-en
General
Target: 788ade1f2583b48f76de1dca09bfde9b
Size: 364KB
MD5: 788ade1f2583b48f76de1dca09bfde9b
SHA1: 90875bfd8c466de69abe6f204694de4650a25150
SHA256: 49da5ef81a6742a465179e60cb0372535ac949f57b684f9e10ee98d587dc65f8
SHA512: 4a2bdd255f8c1fbd19e1dccc60c70c8722ab90f642265a6ba1d6fc8835d5dd8f25639cf57b60fbe0825626aff71af931b7a6ce298105c8510091c9603a69ae8c
SSDEEP: 6144:dbGjeauzL6BA/GTFA05jhWKJLRfea/ENWKSl7swBB0QWzWcwlGv/4renaSlN1Yxq:dkSL6BA/sFAIjPJLkq7F0QWz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 788ade1f2583b48f76de1dca09bfde9b
Files
788ade1f2583b48f76de1dca09bfde9b.exe windows:4 windows x86 arch:x86
9ac5f3f316cf6c71dd0d1064105a1699
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ImageList_Add
InitCommonControlsEx
CreateUpDownControl
ImageList_Draw
kernel32
FreeResource
GetProcessHeap
GetConsoleCursorInfo
GetConsoleCP
IsValidLocale
CreateFileMappingA
RtlUnwind
ExitProcess
SetConsoleWindowInfo
QueryPerformanceCounter
LCMapStringW
LoadLibraryA
GetSystemDefaultLangID
UnhandledExceptionFilter
IsDebuggerPresent
GetFileType
VirtualQuery
TlsSetValue
FileTimeToDosDateTime
SetConsoleCtrlHandler
IsValidCodePage
LCMapStringA
GetUserDefaultLCID
FreeLibrary
SetLastError
ExitThread
SetHandleCount
SetStdHandle
lstrcatA
SetThreadLocale
GetConsoleOutputCP
SetThreadPriority
CompareStringW
GetCommandLineW
GetModuleFileNameW
GetEnvironmentVariableA
LeaveCriticalSection
GetStringTypeA
GetStdHandle
GetACP
GetWindowsDirectoryW
TlsAlloc
CreateDirectoryExA
AddAtomA
GetOEMCP
WriteConsoleA
IsBadWritePtr
DuplicateHandle
VirtualFree
HeapAlloc
SetTimeZoneInformation
TlsGetValue
GlobalAddAtomA
GetProcessShutdownParameters
WideCharToMultiByte
CompareStringA
GetEnvironmentVariableW
GetCurrentThread
DeleteCriticalSection
WriteFile
RemoveDirectoryW
GetConsoleMode
GetTimeFormatW
SetConsoleScreenBufferSize
GetSystemTimeAsFileTime
GetLocaleInfoA
CreateSemaphoreA
VirtualLock
GetCurrentProcess
HeapSize
WriteProfileSectionW
InterlockedDecrement
VirtualAlloc
SetConsoleCursorPosition
GetCommandLineA
InterlockedExchange
SetConsoleMode
GetVersionExA
EnumDateFormatsExW
InitializeCriticalSection
SetEnvironmentVariableA
EnterCriticalSection
MultiByteToWideChar
CopyFileA
GetTimeFormatA
GetEnvironmentStringsW
GetCurrentProcessId
HeapCreate
InterlockedIncrement
DebugActiveProcess
SetCurrentDirectoryW
FillConsoleOutputCharacterW
Sleep
EnumSystemLocalesW
GetLastError
TlsFree
CloseHandle
DeleteFiber
TerminateProcess
WriteConsoleW
GetStartupInfoW
GetStringTypeW
DebugBreak
ReadConsoleOutputCharacterW
ReadConsoleInputA
GetModuleHandleA
HeapFree
GetEnvironmentStrings
CreateNamedPipeA
GetLocaleInfoW
GetComputerNameW
FlushFileBuffers
GetCurrentThreadId
GetShortPathNameW
ReadFile
GlobalDeleteAtom
HeapReAlloc
GetTimeZoneInformation
GetProcAddress
SetUnhandledExceptionFilter
GetModuleFileNameA
GetThreadSelectorEntry
GetTickCount
OpenWaitableTimerW
HeapDestroy
ContinueDebugEvent
GetDateFormatA
SetWaitableTimer
FreeEnvironmentStringsW
CreateNamedPipeW
FreeEnvironmentStringsA
CreateFileA
CreateMutexA
EnumSystemLocalesA
WritePrivateProfileStructW
OpenMutexA
GetStartupInfoA
ReadConsoleInputW
SetFilePointer
DeleteAtom
OpenProcess
GetCPInfo
VirtualAllocEx
GetFileAttributesA
GlobalUnfix
user32
DestroyWindow
CopyAcceleratorTableA
RegisterClassExA
SendNotifyMessageA
ExcludeUpdateRgn
MessageBoxA
DdeAbandonTransaction
SetClipboardData
AnimateWindow
ShowWindow
GetForegroundWindow
GetProcessWindowStation
ReleaseCapture
FindWindowExW
RegisterDeviceNotificationA
EnumClipboardFormats
DdeCmpStringHandles
SetMenuItemBitmaps
FindWindowExA
CallMsgFilter
DeleteMenu
ClipCursor
RegisterClassA
SetUserObjectInformationA
CreateWindowExW
GetClassInfoW
GetMenu
IsZoomed
EnumDisplayDevicesA
SetWinEventHook
DestroyMenu
CharLowerBuffA
GetInputState
RegisterHotKey
RedrawWindow
SetClassLongA
RegisterClassExW
RemoveMenu
GetWindowContextHelpId
DefWindowProcW
ShowWindowAsync
Sections
.text Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ