Static task: static1
Behavioral task: behavioral1
Sample: 8d92e090ddeb95e13917a79df92fa6b0.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 8d92e090ddeb95e13917a79df92fa6b0.exe
Resource: win10v2004-20231215-en
General
Target: 8d92e090ddeb95e13917a79df92fa6b0
Size: 289KB
MD5: 8d92e090ddeb95e13917a79df92fa6b0
SHA1: 0dfca5afbae198b1a1a955f3fa0ab7f3fb07ec1e
SHA256: e757893fc5669d0dd63d54ae7926fa60ad7ca76a58ecea8a810f44a8c1985600
SHA512: be44d656e22a104d5e213b0390157a454264098378547204872672f722910a17ebf29b016514cd815fa07380f1f64701ce10a742d48eb320d9dcb0d375fe0da1
SSDEEP: 6144:MXA3dHgRBADe1vxxkEE1kiM5v14BczM36kMkqwolQbIagNIy4:gAckEE1nM5v14ez8wHQbIagd4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8d92e090ddeb95e13917a79df92fa6b0
Files
8d92e090ddeb95e13917a79df92fa6b0.exe windows:5 windows x86 arch:x86
3cb19d3e8d1f42566f68c9da4ebaca75
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
strncpy
wcsncpy
strrchr
strstr
_purecall
_wtoi
memmove
wcsncmp
_itow
wcslen
??3@YAXPAX@Z
free
malloc
wcscmp
strchr
ceil
strncat
time
calloc
wcsncat
wcstok
_wcsupr
iswalnum
_stricmp
_strlwr
_ftol
wcsrchr
swscanf
_errno
??2@YAPAXI@Z
_wcslwr
wcsstr
_wtol
strlen
strpbrk
iswalpha
iswdigit
wcspbrk
iswspace
_snwprintf
towupper
strcmp
wcschr
_wcsicmp
_wcsnicmp
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
_vsnprintf
_endthread
_beginthreadex
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_vsnwprintf
advapi32
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegCreateKeyExW
RegCreateKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
LookupPrivilegeValueA
LookupPrivilegeValueW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
InitiateSystemShutdownExW
CloseServiceHandle
QueryServiceStatus
EnumDependentServicesW
ControlService
OpenServiceW
OpenSCManagerW
StartServiceW
RegQueryValueExA
kernel32
SetCurrentDirectoryA
RemoveDirectoryW
RemoveDirectoryA
QueryDosDeviceW
QueryDosDeviceA
OpenEventW
OpenEventA
lstrlenA
GetACP
GetSystemDirectoryW
GetSystemDirectoryA
GetProfileStringW
GetProfileStringA
GetDriveTypeW
GetDriveTypeA
GetModuleHandleA
FormatMessageW
CreateProcessW
CreateProcessA
OpenMutexW
CreateMutexW
CreateMutexA
SetCurrentDirectoryW
WriteProfileStringA
WriteProfileStringW
WriteFile
GetFileSize
CompareStringW
GetDiskFreeSpaceA
GetShortPathNameW
GetShortPathNameA
GetWindowsDirectoryW
GlobalLock
GlobalAlloc
GetConsoleCP
PulseEvent
GlobalUnlock
CreateSemaphoreA
TlsFree
GlobalFree
GetLocaleInfoW
GetTimeZoneInformation
CreateFileMappingW
CreateFileMappingA
GetVersionExW
WritePrivateProfileStringW
WritePrivateProfileStringA
SetFileAttributesW
SetFileAttributesA
IsBadWritePtr
IsBadReadPtr
MoveFileW
MoveFileA
MoveFileExW
MoveFileExA
FindAtomA
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
GetTempPathW
GetTempPathA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetConsoleOutputCP
lstrcpynW
GetModuleHandleW
GetModuleFileNameW
GetFileAttributesW
LocalFree
GetFileAttributesA
GetCurrentDirectoryW
GetCurrentDirectoryA
FindNextFileW
FindNextFileA
FindFirstFileW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
DeleteFileW
DeleteFileA
CreateFileW
CreateEventW
CreateEventA
OpenSemaphoreW
CreateDirectoryW
CreateDirectoryA
CompareStringA
CopyFileW
FindResourceW
CopyFileA
FindResourceExA
AreFileApisANSI
SetLastError
VirtualAlloc
GetWindowsDirectoryA
lstrlenW
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetEvent
EnterCriticalSection
GetStdHandle
GetSystemDefaultLCID
LeaveCriticalSection
ResetEvent
DeleteCriticalSection
CreateSemaphoreW
WaitForSingleObject
InitializeCriticalSection
ReleaseMutex
GetAtomNameA
GetModuleFileNameA
FindFirstFileA
FindClose
CreateFileA
OpenMutexA
GetLogicalDrives
ReadFile
GetTempFileNameA
OpenSemaphoreA
GetCommandLineW
GetProcAddress
FreeLibrary
InterlockedExchange
TlsSetValue
CloseHandle
GetLastError
FileTimeToSystemTime
GetFileTime
GetExitCodeProcess
WaitForMultipleObjects
GetSystemDefaultLangID
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
Sleep
InterlockedIncrement
InterlockedDecrement
CreateThread
HeapFree
HeapAlloc
GetProcessHeap
DeviceIoControl
GetUserDefaultLangID
SetErrorMode
GetVersion
GetExitCodeThread
GetThreadLocale
GetLocaleInfoA
GetStartupInfoA
gdi32
GetPixel
CreateFontA
ExtCreatePen
GetTextFaceA
ExtTextOutW
CreateFontIndirectW
CreateFontIndirectA
CreatePen
SelectObject
PatBlt
GetTextMetricsW
SetPixel
GetTextMetricsA
GetObjectW
GetObjectType
DeleteObject
SetBkColor
SetBkMode
SetTextColor
CreateSolidBrush
GetDeviceCaps
GetStockObject
CreateCompatibleDC
SetMapMode
GetObjectA
DeleteDC
user32
SetWindowTextW
SendDlgItemMessageW
LoadIconW
GetCursor
SendMessageW
LoadIconA
LoadCursorW
LoadCursorA
IsDialogMessageW
IsDialogMessageA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetWindowLongA
GetMessageW
GetMessageA
GetClassNameA
GetClassLongA
GetProcessDefaultLayout
FindWindowW
RegisterClassExA
FindWindowA
DrawTextW
DrawTextA
DispatchMessageW
DispatchMessageA
DefWindowProcW
DefWindowProcA
CountClipboardFormats
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
RegisterWindowMessageA
GetInputState
UnregisterClassW
UnregisterClassA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostThreadMessageA
PostMessageW
PostMessageA
PeekMessageW
LoadBitmapA
PeekMessageA
LoadImageW
LoadImageA
CallWindowProcW
CallWindowProcA
SendMessageA
SetWindowLongW
GetClipboardViewer
SetWindowLongA
FindWindowExA
FindWindowExW
CharNextA
MsgWaitForMultipleObjects
EnumWindows
GetClipboardSequenceNumber
GetDesktopWindow
MoveWindow
LoadMenuA
SetCursor
DestroyCursor
GetScrollInfo
SetScrollInfo
ScrollWindow
GetActiveWindow
TranslateMessage
UpdateWindow
GetClientRect
IsWindow
BeginPaint
EndPaint
PostQuitMessage
InvalidateRect
GetSystemMetrics
SetWindowTextA
CharNextW
DestroyWindow
ShowWindow
EnableWindow
ScreenToClient
SetWindowPos
GetParent
GetDlgItem
GetWindowRect
GetDC
MapWindowPoints
DrawFocusRect
GetClipboardOwner
ReleaseDC
SetFocus
MessageBoxW
MessageBoxA
LoadStringW
LoadStringA
ole32
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
comctl32
InitCommonControlsEx
shell32
ShellExecuteA
ShellExecuteW
SHGetPathFromIDListA
ShellExecuteExA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetMalloc
wininet
InternetCrackUrlA
InternetCrackUrlW
setupapi
SetupFindNextLine
SetupGetBinaryField
SetupIterateCabinetA
SetupCloseInfFile
wintrust
WinVerifyTrust
mpr
WNetGetConnectionA
WNetCancelConnection2W
WNetAddConnection2W
WNetGetConnectionW
urlmon
ObtainUserAgentString
UrlMkSetSessionOption
version
VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
Sections
.text Size: 69KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 210KB - Virtual size: 305KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 244B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ