Static task
static1
General
-
Target
Kopie_von_Premium_Exm_Tweaking_Utility_0.96.exe
-
Size
985KB
-
MD5
d249335b39fa9132efc61ac21f855d97
-
SHA1
9a65a321817c4d62644d7f4cbda4e231e1fb4d5f
-
SHA256
08490af34351348aecc30e29455bfcefc060ba0fb6501ecd569091c833302d9a
-
SHA512
1dc75e0167d196ca0c6820492135660f3906275b4f7c0435905e4228435a390f2c68cc7db3407a9e24a37b23b73c3430e3d69b5a23c84fff3ac86f8d9c659d86
-
SSDEEP
24576:QtA4KdTAm9kG8d/xvv1bqTc4v/nnDxix9V/xBSMjh3h8l:1dTn98dJH/4vP1i3QMjL2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Kopie_von_Premium_Exm_Tweaking_Utility_0.96.exe
Files
-
Kopie_von_Premium_Exm_Tweaking_Utility_0.96.exe.exe windows:4 windows x64 arch:x64
f326f88ca83c9aacaa44acfb8884f1d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcrt
memset
wcsncmp
memmove
wcsncpy
wcsstr
_wcsnicmp
_wcsdup
free
_wcsicmp
wcslen
wcscpy
wcscmp
wcscat
memcpy
tolower
malloc
kernel32
GetModuleHandleW
HeapCreate
GetStdHandle
SetConsoleCtrlHandler
HeapDestroy
ExitProcess
WriteFile
GetTempFileNameW
LoadLibraryExW
EnumResourceTypesW
FreeLibrary
RemoveDirectoryW
EnumResourceNamesW
GetCommandLineW
LoadResource
SizeofResource
FreeResource
FindResourceW
GetShortPathNameW
GetSystemDirectoryW
EnterCriticalSection
CloseHandle
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
CreateThread
Sleep
WideCharToMultiByte
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
PeekNamedPipe
TerminateProcess
GetEnvironmentVariableW
SetEnvironmentVariableW
GetCurrentProcess
DuplicateHandle
CreatePipe
CreateProcessW
GetExitCodeProcess
RtlLookupFunctionEntry
RtlVirtualUnwind
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
HeapSize
MultiByteToWideChar
CreateDirectoryW
SetFileAttributesW
GetTempPathW
DeleteFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetFilePointer
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
HeapReAlloc
DeleteCriticalSection
GetLastError
SetLastError
UnregisterWait
GetCurrentThread
RegisterWaitForSingleObject
shell32
ShellExecuteExW
SHGetFolderLocation
SHGetPathFromIDListW
winmm
timeBeginPeriod
ole32
CoInitialize
CoTaskMemFree
shlwapi
PathAddBackslashW
PathRenameExtensionW
PathQuoteSpacesW
PathRemoveArgsW
PathRemoveBackslashW
user32
CharUpperW
CharLowerW
MessageBoxW
DefWindowProcW
GetWindowLongPtrW
GetWindowTextLengthW
GetWindowTextW
EnableWindow
DestroyWindow
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
IsWindowEnabled
GetSystemMetrics
CreateWindowExW
SetWindowLongPtrW
SendMessageW
SetFocus
CreateAcceleratorTableW
SetForegroundWindow
BringWindowToTop
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
PostMessageW
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
SetWindowPos
gdi32
GetStockObject
comctl32
InitCommonControlsEx
Sections
.code Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 865KB - Virtual size: 864KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ