Static task
static1
Behavioral task
behavioral1
Sample
5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a.exe
Resource
win10v2004-20231215-en
General
-
Target
5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a
-
Size
248KB
-
MD5
7daabf790f6c0ac958a8c8379ffaf36d
-
SHA1
60feb4623dcd4b19a3db25d16bacd703f6bad986
-
SHA256
5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a
-
SHA512
1e62db44dc6bbdc3b41ba504ec640f6a795a6e83c3b433a8232ba701c7dba02e64aa8b5a791fa9fb2984cac9e9ef338e21d3971869e0a163277b7c6aa7f29786
-
SSDEEP
6144:61UuNikXCUNLxy1WMN83mGVBtjG6VaF3ghl6:6WuNi6NLx8WMN0njGoeQhl6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature on the analysed PE.
resource 5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a
Files
-
5560f4803a3ccdf3e81ae5cfb01bbb34e6799ae55e1803fbad943035e6c20a1a.exe windows:4 windows x86 arch:x86
7b7e9d9432ae31c5dd037f459a0d510f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42u
ord1569
ord5568
ord2910
ord3871
ord537
ord940
ord942
ord1172
ord6451
ord470
ord755
ord2371
ord4282
ord5679
ord5706
ord858
ord1143
ord2717
ord1131
ord2613
ord1165
ord5939
ord5714
ord1197
ord815
ord561
ord3733
ord4616
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord2078
ord6330
ord2859
ord5977
ord6376
ord6193
ord6195
ord538
ord3087
ord800
ord4279
ord3991
ord540
ord3993
ord6898
ord861
ord2810
ord6211
ord6871
ord4229
ord2294
ord641
ord324
ord567
ord693
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord3356
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord2506
ord4704
ord4992
ord4847
ord4370
ord5261
ord3635
ord4418
ord3365
ord5286
ord4396
ord1768
ord6051
ord2574
ord823
ord825
msvcrt
_onexit
wcschr
??0exception@@QAE@ABV0@@Z
strncpy
??0exception@@QAE@XZ
_CxxThrowException
memmove
??1exception@@UAE@XZ
_ftol
_purecall
_wcsicmp
fclose
fwrite
_wfopen
wcscmp
wcscpy
_wtol
wcscat
_beginthreadex
wcstol
wcsstr
isprint
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_controlfp
__CxxFrameHandler
kernel32
GetTickCount
GetSystemInfo
GetModuleHandleW
WideCharToMultiByte
TerminateThread
GetStartupInfoW
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetProcAddress
SetEvent
InterlockedIncrement
GetTempPathW
CreateDirectoryW
DeleteFileW
GetPrivateProfileStringW
CreateProcessW
RemoveDirectoryW
InterlockedDecrement
WaitForMultipleObjects
Sleep
CreateEventW
GetVersionExW
WaitForSingleObject
CreateMutexW
GetLastError
CloseHandle
GetCommandLineW
GetCurrentThreadId
lstrcpynW
lstrlenW
lstrcpyW
GetModuleFileNameW
lstrcatW
GetUserDefaultLangID
CreateFileW
GetFileSize
ReadFile
SystemTimeToFileTime
CompareFileTime
GetLocalTime
FileTimeToSystemTime
FreeLibrary
LocalAlloc
user32
CreateWindowExW
SetTimer
ShowWindow
DefWindowProcW
PtInRect
InvalidateRect
RegisterClassExW
LoadCursorW
RegisterWindowMessageW
ReleaseDC
SetWindowRgn
MoveWindow
GetDC
GetSystemMetrics
EnableWindow
GetWindowRect
SendMessageW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetActiveWindow
PostMessageW
GetParent
IsWindow
KillTimer
GetWindowTextW
GetWindowTextLengthW
LoadIconW
DrawIcon
IsIconic
DestroyWindow
wsprintfW
LoadImageW
PostQuitMessage
DispatchMessageW
TranslateMessage
IsDialogMessageW
SetFocus
GetMessageW
GetWindow
EnumThreadWindows
MessageBoxW
DestroyIcon
EndDialog
SetWindowTextW
EndPaint
DrawTextW
GetClientRect
BeginPaint
SetWindowPos
UpdateWindow
LoadBitmapW
gdi32
CreatePolygonRgn
GetStockObject
GetTextExtentPoint32W
SetBkMode
CreateCompatibleDC
SelectObject
Polygon
DeleteDC
DeleteObject
CreateSolidBrush
CreatePen
CreateFontIndirectW
advapi32
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
shell32
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
ole32
CoUninitialize
CoInitialize
crypt32
CertFreeCertificateContext
CertCloseStore
CertGetIntendedKeyUsage
CertSetCertificateContextProperty
CertCreateCertificateContext
CertOpenStore
CryptDecodeObject
CertFindExtension
CryptVerifyCertificateSignature
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertGetNameStringW
CertAddCertificateContextToStore
ftuikit_u
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@XZ
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??_7CNotifyPump@DuiLib@@6B@
??0CPaintManagerUI@DuiLib@@QAE@XZ
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??1CNotifyPump@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBGXZ
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@PBGH@Z
??1CDuiString@DuiLib@@QAE@XZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBGKKHHHHPAUHMENU__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPBG0@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?GetResourceID@WindowImplBase@DuiLib@@UBEPBGXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?SetUserData@CControlUI@DuiLib@@UAEXPBG@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetShortcut@CControlUI@DuiLib@@UAEXG@Z
?GetShortcut@CControlUI@DuiLib@@UBEGXZ
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetX@CControlUI@DuiLib@@UBEHXZ
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?SetToolTip@CControlUI@DuiLib@@UAEXPBG@Z
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ
?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?FindSubControlsByClass@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PAVCControlUI@2@PBG@Z
?GetSize@CStdPtrArray@DuiLib@@QBEHXZ
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?Right@CDuiString@DuiLib@@QBE?AV12@H@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?GetData@CDuiString@DuiLib@@QBEPBGXZ
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??1CButtonUI@DuiLib@@UAE@XZ
??0CButtonUI@DuiLib@@QAE@XZ
?SetBorderRound@CControlUI@DuiLib@@QAEXUtagSIZE@@@Z
?GetClass@CButtonUI@DuiLib@@UBEPBGXZ
?GetInterface@CButtonUI@DuiLib@@UAEPAXPBG@Z
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CButtonUI@DuiLib@@UAEXPBG0@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBG@Z
?Find@CDuiString@DuiLib@@QBEHPBGH@Z
?Mid@CDuiString@DuiLib@@QBE?AV12@HH@Z
?GetLength@CDuiString@DuiLib@@QBEHXZ
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z
??0CTextUI@DuiLib@@QAE@XZ
?SetFont@CLabelUI@DuiLib@@QAEXH@Z
?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z
??0CLabelUI@DuiLib@@QAE@XZ
?SetBkImage@CControlUI@DuiLib@@QAEXPBG@Z
?GetClass@CLabelUI@DuiLib@@UBEPBGXZ
?GetInterface@CLabelUI@DuiLib@@UAEPAXPBG@Z
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CLabelUI@DuiLib@@UAEXPBG@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CLabelUI@DuiLib@@UAEXPBG0@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetClass@CTextUI@DuiLib@@UBEPBGXZ
?GetInterface@CTextUI@DuiLib@@UAEPAXPBG@Z
?GetControlFlags@CTextUI@DuiLib@@UBEIXZ
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?EstimateSize@CTextUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetText@CControlUI@DuiLib@@UAEXPBG@Z
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?GetInterface@CControlUI@DuiLib@@UAEPAXPBG@Z
?GetClass@CControlUI@DuiLib@@UBEPBGXZ
?SetName@CControlUI@DuiLib@@UAEXPBG@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??0CControlUI@DuiLib@@QAE@XZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
??1CControlUI@DuiLib@@UAE@XZ
??4CDuiString@DuiLib@@QAEABV01@PBG@Z
??8CDuiString@DuiLib@@QBE_NPBG@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBG@Z
??BCDuiString@DuiLib@@QBEPBGXZ
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?TranslateMessage@CPaintManagerUI@DuiLib@@SA_NQAUtagMSG@@@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PBG@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
?PaintText@CTextUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
wininet
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW
DeleteUrlCacheEntryW
InternetGetConnectedState
InternetCloseHandle
shlwapi
PathFileExistsW
winscard
SCardGetStatusChangeW
SCardEstablishContext
SCardReleaseContext
wintrust
WinVerifyTrust
Sections (note: .text and .rdata carry IMAGE_SCN_MEM_WRITE and .rsrc carries IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE, which are not the characteristics the linker normally emits for these sections — the header flags appear to have been altered post-link, so treat section names here as untrusted labels rather than as evidence of content)
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 14KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 93KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE