Static task
static1
Behavioral task
behavioral1
Sample
8d138d62870e1ea0c319edee5c3853cb.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8d138d62870e1ea0c319edee5c3853cb.exe
Resource
win10v2004-20231215-en
General
Target
8d138d62870e1ea0c319edee5c3853cb
Size
878KB
MD5
8d138d62870e1ea0c319edee5c3853cb
SHA1
de142f676d89bba1e477ea0f352560aad5a63949
SHA256
dd01f125cc93b8197ef5279a89fb4814f330d68f80d8eb31bf7fc42d972a7920
SHA512
831c162e6289c53495ad4233a203b14839d69eb9595e88624da118ae6ef2e0f52496beb9fe60c6781279c229bae7e7b61f21499194e9592bc359d33fd0d34739
SSDEEP
12288:z+WGoStTv0MvkiLkivJVecKE85s5pTqH5H0WDjm5+wh3CyxQ:iWG1tAM8iLkivJVecXJ4ZH0WXav3C
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8d138d62870e1ea0c319edee5c3853cb
Files
8d138d62870e1ea0c319edee5c3853cb.exe windows:4 windows x86 arch:x86
889358c6e097621ada987d0584dcacb0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ddraw
DirectDrawCreate
dplayx
ord1
dsound
DirectSoundCreate
kernel32
SetFilePointer
ReadFile
WriteFile
CreateThread
FindFirstFileA
GetLocalTime
UnmapViewOfFile
GlobalMemoryStatus
FreeLibrary
GetProcAddress
Sleep
LoadLibraryA
LoadResource
FindResourceA
DeleteFileA
GetFullPathNameA
GetDiskFreeSpaceA
ExitProcess
GetTickCount
SetEvent
WaitForSingleObject
CreateEventA
LockResource
GetTempPathA
GetTempFileNameA
GetCommState
GetLastError
SetThreadPriority
WaitForMultipleObjects
SleepEx
QueryPerformanceCounter
QueryPerformanceFrequency
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
FileTimeToSystemTime
FileTimeToLocalFileTime
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
HeapAlloc
HeapFree
RtlUnwind
GetCurrentThreadId
TlsSetValue
ExitThread
GetComputerNameA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
FindClose
FindNextFileA
TlsAlloc
SetLastError
TlsGetValue
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
CreateFileA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetTimeZoneInformation
GetLocaleInfoA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileSize
CreateFileMappingA
MapViewOfFile
CloseHandle
GetModuleFileNameA
GetModuleHandleA
GetDriveTypeA
GetVolumeInformationA
EnterCriticalSection
LeaveCriticalSection
GetStartupInfoA
GetStringTypeA
LocalAlloc
RaiseException
LocalFree
GetCurrentDirectoryA
user32
SetForegroundWindow
FindWindowA
RegisterClassExA
SetWindowPos
SetWindowLongA
GetTopWindow
UpdateWindow
LoadIconA
InvalidateRect
IntersectRect
GetActiveWindow
GetKeyState
MessageBoxA
CharUpperA
wsprintfA
ScreenToClient
GetCursorPos
SetCursorPos
ReleaseCapture
GetAsyncKeyState
CreateWindowExA
IsWindow
DispatchMessageA
TranslateMessage
PeekMessageA
GetDesktopWindow
ShowWindow
GetClientRect
GetWindowRect
PostQuitMessage
BeginPaint
ClientToScreen
EndPaint
DefWindowProcA
EndDialog
GetDlgItem
SetWindowTextA
DialogBoxParamA
ShowCursor
PostMessageA
AdjustWindowRect
GetSystemMetrics
SetCapture
GetDC
GetParent
gdi32
GetStockObject
SelectPalette
DeleteObject
advapi32
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
winmm
timeGetTime
mciSendCommandA
ole32
CoCreateInstance
CoUninitialize
CoInitialize
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
Sections
.text Size: 676KB - Virtual size: 675KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 182KB - Virtual size: 674KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.skip Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mysafe Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mysaff Size: 1024B - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE