Static task
static1
Behavioral task
behavioral1
Sample
9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f.exe
Resource
win10v2004-20240226-en
General
Target
9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f
Size
131KB
MD5
434307e5188c192ae3488ac57a843b7c
SHA1
5e355a02e8d58f14fac3a47282d68d4c9c0d2ca7
SHA256
9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f
SHA512
9d417229dedb9c20529a15a7efee2ed6ea9d938a95b7be8ab5a475851cfe9d6d14ef47403bfd30ff1d1a2075c2af5d48d79e19b65fc3a4caa5355473b295bafa
SSDEEP
1536:xao5ceDtfXz7KnKIAWPsMC0WN9eh0CvNWseEs6OLFUU0qXcVJ+Pn:xaohBKKZWZX4900CEf+OLFUU0qsKn
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample carries none.
resource 9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f
Files
9d35c5a7080ac0100c8d289c70902117e75ff27bed80c6f67a0dd85a1dcc010f.exe windows:5 windows x86 arch:x86
87467749e8c451b671872f4d50a7e1f7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE (the only DLL characteristic set; no IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE or IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag is listed)
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
LoadLibraryW
GetStartupInfoA
GetProcAddress
GetModuleHandleA
LoadLibraryA
FreeLibrary
user32
IsCharAlphaNumericA
IsCharAlphaNumericW
GetMenu
GetKeyboardType
LoadCursorFromFileW
CloseDesktop
CharLowerA
CharUpperW
LoadIconA
GetTopWindow
CharNextW
GetKeyboardLayout
IsCharAlphaA
IsGUIThread
GetWindowTextLengthA
InSendMessage
GetMenuCheckMarkDimensions
GetActiveWindow
GetForegroundWindow
UnregisterClassA
WindowFromDC
SetWindowsHookExA
SetWindowWord
SetRect
SetClipboardData
SetClassLongA
SendInput
MessageBoxExA
LoadMenuIndirectW
LoadKeyboardLayoutW
IsWindowUnicode
InsertMenuW
HiliteMenuItem
GetMessagePos
GetClassInfoW
ExitWindowsEx
ExcludeUpdateRgn
EnumDisplayMonitors
EnableWindow
DrawMenuBar
DestroyAcceleratorTable
DdeGetData
GetSystemMetrics
PaintDesktop
GetWindowTextLengthW
GetDC
DestroyWindow
DestroyCursor
CloseClipboard
GetCapture
IsWindow
GetFocus
DestroyMenu
IsCharLowerW
IsMenu
VkKeyScanW
GetKBCodePage
GetDlgCtrlID
IsCharUpperW
DestroyIcon
ReleaseCapture
CharLowerW
CharNextA
CharUpperA
OpenIcon
CloseWindow
GetAsyncKeyState
SwitchToThisWindow
VkKeyScanA
gdi32
CloseFigure
CreateSolidBrush
GetROP2
SetMetaRgn
EndDoc
WidenPath
BeginPath
CreateICW
GetFontLanguageInfo
AddFontResourceW
GetTextColor
EndPath
CancelDC
GetStretchBltMode
AbortDoc
EndPage
GetEnhMetaFileW
DeleteObject
GetStockObject
StrokePath
GetBkColor
CreateMetaFileW
GetPixelFormat
SwapBuffers
AbortPath
CloseEnhMetaFile
GdiArtificialDecrementDriver
advapi32
RegQueryValueExW
RegOpenKeyW
shell32
FindExecutableW
ShellExecuteEx
SHPathPrepareForWriteA
SHGetSpecialFolderPathW
SHGetPathFromIDListA
SHGetIconOverlayIndexW
SHGetFileInfoW
DoEnvironmentSubstW
ExtractAssociatedIconExW
ExtractIconA
ExtractIconEx
ExtractIconW
ShellExecuteW
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHFileOperationW
SHFormatDrive
shlwapi
StrCmpNW
StrRChrA
StrRChrW
StrStrIA
StrStrIW
StrChrA
StrStrW
msvcrt
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_wcsicmp
_wcsupr
exit
memmove
sprintf
wcslen
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.htext Size: 8KB - Virtual size: 8KB (non-standard section name; its flags below mark it readable, writable and executable at once, which is worth noting alongside the .text section that is read/execute only)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE