Static task: static1
Behavioral task: behavioral1
  Sample: f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f.exe
  Resource: win10v2004-20240226-en
General
Target: f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f
Size: 7.0MB
MD5: 4eacbe8620d2abf87fa5a4c0845c40a3
SHA1: 166df66d291f175c8b675e5110f6a5c24ea45d60
SHA256: f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f
SHA512: 56e648a7cc54c1207e0f42e7be1d8e0d98901bb9f57f9de3bf6908daa564f20ec29a8be6b03307646b5835ec8b16d59cd730b4010c8f36770c2e53f43f295106
SSDEEP: 98304:CCXTbRF5kGniNgUHsDwHT8rqcB2dvWhIpCyNGgtEE0:CGTbRF5kGniNgUMUT8msWQ
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f
Files
f3e383dcd84c7b4eeb421a812340ad85f33bd99483d6f10f9d3639cec842a33f.exe windows:5 windows x86 arch:x86
a5ca64dbeae792fc96aa94aad64ff986
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveInPrepareHeader
waveInReset
waveInStart
waveOutClose
waveOutGetErrorTextW
waveOutGetNumDevs
waveInOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite
waveInGetNumDevs
waveInGetErrorTextW
waveInClose
waveInAddBuffer
timeGetTime
waveOutOpen
sndPlaySoundW
comctl32
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitializeFlatSB
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
_TrackMouseEvent
ImageList_Create
version
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
kernel32
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
WriteProfileStringW
VirtualAlloc
UnmapViewOfFile
TlsSetValue
TlsGetValue
TerminateThread
TerminateProcess
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
SuspendThread
SleepEx
SizeofResource
SetUnhandledExceptionFilter
SetThreadPriority
SetThreadLocale
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesW
SetFileAttributesA
SetEvent
SetErrorMode
SetEnvironmentVariableW
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
RemoveDirectoryA
ReleaseMutex
ReadProcessMemory
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
QueryDosDeviceW
OpenProcess
OpenMutexW
OpenFileMappingW
OpenFileMappingA
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
lstrlenW
lstrlenA
lstrcmpW
lstrcmpiW
lstrcmpA
lstrcatA
LockResource
LocalSize
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LCMapStringW
IsValidLocale
IsDBCSLeadByteEx
IsBadReadPtr
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalSize
GlobalMemoryStatus
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetVolumeInformationW
GetVersionExW
GetVersionExA
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempPathA
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeW
GetStdHandle
GetProfileStringW
GetProcessHeap
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetOverlappedResult
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDriveStringsW
GetLocalTime
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCPInfoExW
GetConsoleOutputCP
GetConsoleCP
GetComputerNameW
GetComputerNameA
GetCommandLineW
GetACP
FreeResource
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FindResourceW
FindResourceA
FindNextFileW
FindNextFileA
FindNextChangeNotification
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumSystemLocalesW
EnumResourceTypesA
EnumResourceNamesW
EnumResourceNamesA
EnumCalendarInfoW
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CompareStringA
CloseHandle
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetVersion
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
GetEnvironmentVariableA
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetOEMCP
HeapReAlloc
GetStringTypeA
LCMapStringA
SetNamedPipeHandleState
user32
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenuEx
TrackPopupMenu
ToUnicode
TabbedTextOutW
SystemParametersInfoW
SubtractRect
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowRgn
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetPropW
SetParent
SetMenuItemInfoW
SetMenuDefaultItem
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetClipboardData
SetClassLongW
SetCaretPos
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageW
SendMessageTimeoutW
SendMessageTimeoutA
SendMessageA
SendDlgItemMessageW
ScrollWindowEx
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterHotKey
RegisterClassW
RegisterClassA
RedrawWindow
PtInRect
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MoveWindow
mouse_event
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
LookupIconIdFromDirectoryEx
LockWindowUpdate
LoadStringW
LoadMenuW
LoadKeyboardLayoutW
LoadImageW
LoadImageA
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
IsCharAlphaW
IsCharAlphaNumericW
InvalidateRgn
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetUpdateRgn
GetUpdateRect
GetTopWindow
wvsprintfA
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetParent
GetMessageW
GetMessageTime
GetMessagePos
GetMessageExtraInfo
GetMessageA
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetLastActivePopup
GetKeyState
GetKeyNameTextW
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItemTextW
GetDlgItemTextA
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetClipboardFormatNameW
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetClassLongW
GetClassInfoW
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowW
FindWindowExW
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DragDetect
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DestroyAcceleratorTable
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIconIndirect
CreateCursor
CreateCaret
CreateAcceleratorTableW
CountClipboardFormats
CopyImage
CopyIcon
CloseClipboard
ClientToScreen
ChildWindowFromPointEx
CheckMenuItem
CharUpperW
CharUpperBuffW
CharUpperBuffA
CharNextW
CharLowerW
CharLowerBuffW
CharLowerBuffA
CallWindowProcW
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
AttachThreadInput
AppendMenuW
AdjustWindowRectEx
RegisterClipboardFormatW
IsClipboardFormatAvailable
WindowFromDC
WaitMessage
VkKeyScanW
ValidateRect
UpdateWindow
UnregisterHotKey
UnregisterClassW
GetTabbedTextExtentW
UnregisterClassA
GetPropW
gdi32
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
FillPath
FillRgn
FrameRgn
GdiFlush
GetBitmapBits
GetBkColor
GetBkMode
GetBrushOrgEx
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCharacterPlacementW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetFontData
GetGlyphOutlineW
GetGraphicsMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetROP2
GetStockObject
GetStretchBltMode
GetSystemPaletteEntries
GetTextAlign
GetTextCharsetInfo
GetTextColor
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetViewportOrgEx
ExtCreatePen
GetWindowOrgEx
GetWinMetaFileBits
GetWorldTransform
IntersectClipRect
ExcludeClipRect
LineTo
LPtoDP
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PaintRgn
CreateFontIndirectA
PatBlt
PathToRegion
Pie
PlayEnhMetaFile
PlgBlt
PolyBezier
PolyBezierTo
Polyline
PolyPolyline
PtInRegion
PtVisible
RealizePalette
Rectangle
RectInRegion
RectVisible
ResetDCW
ResizePalette
RestoreDC
SaveDC
ScaleWindowExtEx
SelectClipPath
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBits
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetMetaFileBitsEx
SetPaletteEntries
SetPixel
SetPolyFillMode
SetRectRgn
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetWinMetaFileBits
SetWorldTransform
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
StrokePath
TextOutA
TextOutW
TranslateCharsetInfo
UnrealizeObject
UpdateColors
WidenPath
CreateFontA
CreateEnhMetaFileW
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateDIBSection
CreateDIBitmap
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
CombineTransform
CombineRgn
CloseMetaFile
CloseEnhMetaFile
Chord
BitBlt
EqualRgn
EnumFontsW
BeginPath
EnumFontFamiliesW
EnumFontFamiliesExW
EnumEnhMetaFile
EndPath
EndPage
EndDoc
LineDDA
Ellipse
DPtoLP
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateFontIndirectW
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePatternBrush
CreatePalette
CreateMetaFileW
CreateICW
CreateHatchBrush
CreateHalftonePalette
CreateFontW
GetWindowExtEx
ArcTo
winspool.drv
EnumPrintersW
OpenPrinterW
SetPrinterW
GetPrinterW
DocumentPropertiesW
ClosePrinter
DeviceCapabilitiesW
comdlg32
PrintDlgW
ChooseFontW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
ChooseColorW
FindTextW
ReplaceTextW
advapi32
RegUnLoadKeyW
RegSetValueExW
RegSetValueExA
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegConnectRegistryW
RegCloseKey
OpenProcessToken
InitializeSecurityDescriptor
GetUserNameW
GetUserNameA
GetTokenInformation
FreeSid
SetSecurityDescriptorDacl
shell32
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
Shell_NotifyIconW
SHAppBarMessage
DragQueryFileW
DragFinish
ShellExecuteW
ole32
RegisterDragDrop
RevokeDragDrop
StgCreateDocfileOnILockBytes
StringFromCLSID
CLSIDFromProgID
ProgIDFromCLSID
OleUninitialize
OleSetMenuDescriptor
OleSetContainedObject
OleRegEnumVerbs
OleInitialize
OleGetIconOfClass
OleDraw
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateLinkFromData
OleCreateFromFile
OleCreateFromData
IsAccelerator
FreePropVariantArray
DoDragDrop
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CreateBindCtx
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoGetClassObject
CoCreateInstance
CoCreateGuid
CLSIDFromString
oleaut32
VariantInit
VariantCopyInd
VariantCopy
VariantClear
VariantChangeType
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayCreateVector
SafeArrayCreate
SafeArrayAccessData
GetErrorInfo
ws2_32
WSACleanup
select
recvfrom
recv
inet_addr
htons
ioctlsocket
connect
closesocket
bind
WSAGetLastError
setsockopt
WSAStartup
gethostbyname
sendto
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.png3 Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE