Static task
static1
Behavioral task
behavioral1
Sample
9a68120e811e8681ff5bf716a465fcb7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9a68120e811e8681ff5bf716a465fcb7.exe
Resource
win10v2004-20231215-en
General
Target: 9a68120e811e8681ff5bf716a465fcb7
Size: 476KB
MD5: 9a68120e811e8681ff5bf716a465fcb7
SHA1: ace9c51554199cdd0a45d8cfb181cc4b01713a50
SHA256: e7b04cc88e4010b8cd5c570323677f5789ced9fdb46abf1bcdc618a846c98bba
SHA512: 4820a35bdc594444129adf45bdd0dd54afda7a2de9144a44f83e3ee1b48c2796a7ff24559a7e9a16d0a629dac1d2836c34e6ca4e8cf359f83b96b81ced67be18
SSDEEP: 12288:PRPq3pNUk7+2xObwM/XaLGuK4oXKTKHq0Hw:oMF/bwM/XkK4oae6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9a68120e811e8681ff5bf716a465fcb7
Files
9a68120e811e8681ff5bf716a465fcb7.exe windows:4 windows x86 arch:x86
d7a9dae56169ec08ce0debe80a2821a6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
GetProcessHeap
InterlockedExchange
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
GetCPInfo
GetOEMCP
LoadLibraryA
HeapFree
GetSystemTimeAsFileTime
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetVersionExA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageW
GlobalFree
DeleteAtom
GetACP
lstrlenW
lstrcpyW
lstrcatW
FindAtomA
GetLocaleInfoA
lstrcpyA
lstrcatA
AddAtomA
GlobalUnlock
GlobalHandle
GetProcAddress
WritePrivateProfileStringW
lstrlenA
GlobalLock
GlobalAlloc
GetModuleFileNameW
lstrcpynW
MulDiv
GetModuleHandleW
FreeLibrary
IsBadWritePtr
GetPrivateProfileStringW
lstrcmpiW
LocalAlloc
LocalFree
GetCurrentProcessId
ResetEvent
WaitForSingleObject
GetExitCodeThread
SetEvent
WaitForMultipleObjects
GetCurrentProcess
DuplicateHandle
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetUserDefaultUILanguage
GetNumberFormatW
GetNumberFormatA
WideCharToMultiByte
GetTickCount
GetSystemInfo
VirtualQuery
TlsSetValue
MultiByteToWideChar
GetCurrentThreadId
GetUserDefaultLCID
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
VirtualFree
VirtualProtect
user32
SetWindowPos
AdjustWindowRect
GetWindowLongW
ScreenToClient
GetWindowRect
GetDlgItem
SetDlgItemTextW
CharLowerA
CharLowerBuffA
wsprintfW
LoadStringW
wvsprintfW
RegisterClassW
GetScrollPos
GetClientRect
LoadCursorW
SendMessageW
DefWindowProcW
CheckDlgButton
MoveWindow
CharUpperBuffA
SetWindowLongW
SetScrollRange
ReleaseDC
GetDC
ShowWindow
EnableWindow
SetDlgItemInt
InvalidateRect
GetSystemMetrics
GetActiveWindow
WindowFromDC
OffsetRect
DrawTextW
SetRectEmpty
SetTimer
KillTimer
MessageBoxW
PostMessageW
IsRectEmpty
SetRect
GetParent
SetWindowTextW
GetSysColor
InflateRect
DestroyMenu
GetKeyState
PtInRect
PeekMessageW
TrackPopupMenu
ClientToScreen
DefMDIChildProcW
DestroyIcon
GetClassInfoW
advapi32
RegCloseKey
RegOpenKeyA
RegEnumValueW
RegCreateKeyExW
RegOpenKeyExW
AllocateAndInitializeSid
CheckTokenMembership
RegCreateKeyA
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegQueryValueExA
FreeSid
gdi32
CloseMetaFile
SetWindowExtEx
DeleteMetaFile
RestoreDC
SaveDC
GetDeviceCaps
GetTextExtentPointW
ExcludeClipRect
CreatePatternBrush
SetDIBits
GetNearestColor
GetBitmapBits
PatBlt
GetPixel
SetBkColor
ExtTextOutW
GetClipBox
SetBitmapBits
SetWindowOrgEx
SetDIBitsToDevice
StretchDIBits
GdiFlush
SetStretchBltMode
RealizePalette
GetStockObject
SelectPalette
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
GetSystemPaletteEntries
UnrealizeObject
ResizePalette
SetPaletteEntries
SetDIBColorTable
GetObjectW
GetPaletteEntries
CreatePalette
DeleteObject
SelectObject
DeleteDC
LPtoDP
GetDCOrgEx
IntersectClipRect
StretchBlt
ole32
CoCreateInstance
Sections
.text Size: 452KB - Virtual size: 450KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 303KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ