Static task: static1
Behavioral task: behavioral1
Sample: 0687cd0cce318a55aa8486c3aef8ae063ad74d9414f1ece6a1c411da79ad7613.exe
Resource: win7-20231215-en
General
Target: 0687cd0cce318a55aa8486c3aef8ae063ad74d9414f1ece6a1c411da79ad7613
Size: 3.0MB
MD5: ca5633884f1c2afe5fb697a2eb8e6ceb
SHA1: 430274f0f8397c09ffe863da74b616f0042e327d
SHA256: 0687cd0cce318a55aa8486c3aef8ae063ad74d9414f1ece6a1c411da79ad7613
SHA512: b2b2cf1e38ac2ccf09ba9b57505e0f65c9db1aeb54001c2621b1a231b40ff4df24939f17350908963151fedd835f061075c7f2d6f293ce2fb707ac73ca502b33
SSDEEP: 98304:81KtVejknMTKCr3Zk2jlEHCluHHYmCR4ZKE:yVzZqCluHHYR2n
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0687cd0cce318a55aa8486c3aef8ae063ad74d9414f1ece6a1c411da79ad7613
Files
0687cd0cce318a55aa8486c3aef8ae063ad74d9414f1ece6a1c411da79ad7613.exe windows:5 windows x86 arch:x86
dd2e65331f2fec8aef348561663ee79f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FlushConsoleInputBuffer
GlobalMemoryStatus
GetSystemTime
CreateSemaphoreA
CreateEventA
SetThreadPriority
GetFullPathNameW
GetDriveTypeW
ExpandEnvironmentStringsW
PeekNamedPipe
WaitForMultipleObjects
GetSystemDirectoryA
SleepEx
SetConsoleMode
MultiByteToWideChar
GetModuleHandleW
InterlockedDecrement
OpenEventW
GetSystemDirectoryW
GetFileTime
GlobalUnlock
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateFileMappingW
CopyFileW
GetTempPathW
DeleteFileW
CreateThread
TerminateThread
Sleep
GetExitCodeThread
GetWindowsDirectoryW
OpenProcess
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
GetProcessHeap
GetCurrentThreadId
ReadConsoleInputA
HeapAlloc
LoadLibraryA
HeapFree
WritePrivateProfileStringW
GetPrivateProfileStringW
LocalFree
FormatMessageW
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
CreateSemaphoreW
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
ReleaseSemaphore
VirtualAlloc
VirtualFree
GetCurrentDirectoryW
GetFileSize
CloseHandle
CreateFileW
SetEndOfFile
SetFilePointer
SetFileTime
WriteFile
SetLocalTime
lstrcmpiW
ReadFile
GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
EncodePointer
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
LoadLibraryExA
LocalAlloc
GetLongPathNameW
GetExitCodeProcess
GetTickCount
HeapReAlloc
HeapSize
WideCharToMultiByte
GlobalAlloc
GlobalFree
lstrcpyW
CreateProcessW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
MoveFileExW
CreateDirectoryW
ReleaseMutex
CreateMutexW
GetVolumeInformationW
GlobalLock
SetErrorMode
GetLocalTime
GetCommandLineW
DeviceIoControl
OutputDebugStringA
SetPriorityClass
VerSetConditionMask
VerifyVersionInfoW
GetACP
FreeResource
MulDiv
ExitProcess
GetFileType
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetStdHandle
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetLastError
GetModuleHandleA
GetFileAttributesW
FindClose
FindNextFileW
GetProcAddress
SetLastError
FindFirstFileW
LoadLibraryExW
FreeLibrary
LoadLibraryW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
user32
MessageBoxW
MonitorFromPoint
CharPrevW
DrawTextW
FillRect
SetRect
GetWindowRgn
CreateCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
IntersectRect
SetCursor
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetForegroundWindow
PeekMessageW
SetWindowRgn
TranslateMessage
GetDesktopWindow
SetWindowTextW
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
wsprintfW
CharUpperW
LoadStringW
IsIconic
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetPropW
SetPropW
GetSystemMetrics
MsgWaitForMultipleObjects
IsWindowVisible
RegisterClassW
EnableWindow
OffsetRect
IsWindow
ShowWindow
UnregisterClassW
SendMessageW
SetWindowPos
GetWindowTextW
GetClassNameW
EnumChildWindows
GetParent
SetWindowLongW
InflateRect
GetWindow
UnionRect
MapWindowPoints
ScreenToClient
GetCursorPos
GetWindowRect
GetClientRect
EndDialog
FindWindowExW
CallWindowProcW
PostQuitMessage
SetFocus
GetFocus
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
CharNextW
GetWindowLongW
GetWindowTextLengthW
DefWindowProcW
CreateWindowExW
RegisterClassExW
LoadCursorW
GetClassInfoExW
GetDC
KillTimer
ReleaseCapture
SetCapture
IsZoomed
UpdateLayeredWindow
DestroyWindow
IsRectEmpty
GetMessageW
PtInRect
DispatchMessageW
PostMessageW
ShowScrollBar
GetKeyState
SetTimer
BringWindowToTop
gdi32
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
GetDeviceCaps
CreateRoundRectRgn
SetTextColor
SetBkMode
CreateSolidBrush
SetWindowOrgEx
CreateDIBSection
GetTextMetricsW
SelectObject
StretchBlt
GetCharABCWidthsW
SaveDC
RestoreDC
Rectangle
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectW
GetDIBits
GetClipBox
GetTextExtentPoint32W
LineTo
GetStockObject
DeleteDC
ExtSelectClipRgn
PtInRegion
CreateRectRgn
TextOutW
MoveToEx
GetObjectA
SetBkColor
SetStretchBltMode
DeleteObject
SelectClipRgn
CreateDCW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
ReportEventA
DeregisterEventSource
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
ImpersonateLoggedOnUser
RevertToSelf
DuplicateTokenEx
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegisterEventSourceA
shell32
SHGetFolderPathW
SHChangeNotify
DragQueryFileW
SHGetSpecialFolderPathW
ShellExecuteW
DragFinish
ole32
ReleaseStgMedium
OleUninitialize
OleInitialize
CoInitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
OleLockRunning
CLSIDFromProgID
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
CLSIDFromString
CoUninitialize
oleaut32
SysAllocStringLen
SysStringByteLen
SysStringLen
VarUI4FromStr
SysFreeString
SysAllocString
VariantCopy
VariantClear
VariantInit
shlwapi
SHSetValueW
SHDeleteKeyW
SHDeleteValueW
SHGetValueW
PathFileExistsW
ord219
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
imm32
ImmGetVirtualKey
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
comctl32
_TrackMouseEvent
ord17
ws2_32
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSASetLastError
htonl
inet_addr
inet_ntoa
gethostbyaddr
gethostbyname
getservbyport
getservbyname
__WSAFDIsSet
select
accept
listen
recvfrom
sendto
ioctlsocket
gethostname
send
recv
WSACleanup
WSAStartup
WSAGetLastError
closesocket
socket
bind
connect
shutdown
gdiplus
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipSetCompositingMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillRectangleI
GdipDrawImageRectRect
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeletePath
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdiplusStartup
GdiplusShutdown
GdipCreateLineBrushI
GdipCreateStringFormat
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawArcI
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreatePath
GdipCreateFont
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdipDrawImageRectI
GdipSetSmoothingMode
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 544KB - Virtual size: 544KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 71KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 243KB - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 176KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE