Static task: static1
Behavioral task: behavioral1
Sample: 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1.exe
Resource: win10v2004-20240226-en
General
- Target: 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1
- Size: 7.6MB
- MD5: c2a2c712d7697edf4b06670664a9905d
- SHA1: 232c67b89b4f13649d4c21ce9b1295045581356b
- SHA256: 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1
- SHA512: 25ea3b13f772f46e2d9f96dc9316be31298d7f945a6027a495b2e077fc153ec65defdb14929554d3c0bd8b4d21782f1f885b88b27001db8044c3ead12c414de9
- SSDEEP: 98304:qdw99EA70G4ldiTyMQ0WsqGwhTJLsXpiWZFsdRKfXbRIoa:qdw9mWx4qQ0PwhdLgpiWZKRQbR
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1
Files
- 6857a8cae70db10e52fbf73f9ad6c8f33d7b4b0ade3f7b5dd960905a84c465b1.exe windows:4 windows x86 arch:x86
  5acd9beb4ccf227155a5d333fc8857d6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmDestroyContext
ImmCreateContext
ImmAssociateContext
msimg32
AlphaBlend
GradientFill
spr32du80
ord2718
ord3215
ord3970
ord3003
ord2800
ord3952
_SSSetRowHeaderCols@8
ord3876
ord3117
ord3121
ord3116
_SSSetUseVisualStyles@8
ord3916
_SSSetUserColAction@8
ord3870
_SSSetTwoDigitYearMax@8
_SSSetTabStripRatio@12
_SSSetTabStripPolicy@8
_SSSetTabStripButtonPolicy@8
_SSSetTabEnhancedShape@8
_SSSetHighlightStyle@8
_SSSetHighlightHeaders@8
_SSSetHighlightAlphaBlend@12
ord3889
ord3891
ord3132
_SSSetEnhanceStaticCells@8
ord3852
_SSSetColHeadersUserSortIndex@8
_SSSetColHeadersAutoTextIndex@8
ord3950
_SSSetColHeaderRows@8
_SSSetClipboardOptions@8
_SSSetCellNoteIndicatorShape@8
_SSSetCellNoteIndicatorColor@8
_SSSetCellNoteIndicator@8
ord3885
_SSSetBackColorStyle@8
_SSSetAppearanceStyle@8
_SSSetAppearance@8
ord3511
_SSSetShowScrollTips@8
_SSSetSheetCount@8
_SSSetSheet@8
ord3131
_SSSetScrollBarStyle@8
_SSSetScrollBarColor@12
_SSSetScrollBarSize@12
ord3800
ord3954
_SSSetActiveCellHighlightStyle@8
ord3209
ord3210
ord2721
ord2724
ord2715
ord3001
ord2900
ord3120
ord3118
ord3851
ord3211
ord3806
ord3213
ord3808
ord3203
ord3119
ord3943
_SSIsColHidden@8
ord3944
ord3938
ord3882
ord3883
_SSGetCellNote@16
ord2725
_SSSetCellNote@16
ord3923
ord3910
ord3126
_SSSetRowHeadersAutoTextIndex@8
kernel32
GetVersion
VirtualProtect
GetModuleHandleA
GlobalReAlloc
lstrcmpA
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
SetFileTime
GetFileTime
GetDiskFreeSpaceW
FileTimeToLocalFileTime
GlobalFlags
LocalAlloc
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
FindResourceExW
SetErrorMode
GetStringTypeExW
DuplicateHandle
GetVolumeInformationW
GetShortPathNameW
LocalFileTimeToFileTime
SetFileAttributesW
GetUserDefaultLCID
GetProfileIntW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
ExitProcess
GetDriveTypeA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LocalSize
LoadLibraryExW
LoadLibraryExA
EnumResourceTypesW
GetPrivateProfileSectionNamesW
EnumResourceNamesW
GetExitCodeThread
ResetEvent
CopyFileW
CreateDirectoryW
GetPrivateProfileStringW
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetExitCodeProcess
TerminateProcess
OpenProcess
DeleteFileW
GetLastError
MultiByteToWideChar
lstrlenA
FindResourceW
SizeofResource
LockResource
LoadResource
lstrlenW
lstrcpynW
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
WritePrivateProfileStringW
MoveFileW
GetModuleFileNameW
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetSystemDirectoryW
lstrcpyW
WriteFile
CreateFileW
GlobalFree
MulDiv
lstrcatW
IsBadReadPtr
WideCharToMultiByte
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
lstrcmpiW
GetFileSize
LoadLibraryW
FreeLibrary
SetCurrentDirectoryW
GetTickCount
GetCurrentDirectoryW
CreateEventW
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
SetEvent
ExpandEnvironmentStringsW
ReadFile
SetFilePointer
InterlockedIncrement
InterlockedDecrement
SetLastError
CreateThread
TerminateThread
GetThreadTimes
ResumeThread
InterlockedCompareExchange
ReleaseMutex
SleepEx
GetComputerNameW
lstrcmpW
GetCurrentThreadId
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
LockFileEx
GetVersionExW
CreateFileA
GetTempPathA
GetTempPathW
GetFileAttributesA
DeleteFileA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
LoadLibraryA
FormatMessageA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTime
GetSystemTimeAsFileTime
MapViewOfFile
UnmapViewOfFile
FindClose
FindNextFileW
FindFirstFileW
CreateFileMappingW
GetTempFileNameW
GlobalSize
GetSystemDefaultLangID
FreeResource
GetVersionExA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
LocalFree
FormatMessageW
SetThreadPriority
GlobalGetAtomNameW
user32
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
wsprintfW
LoadAcceleratorsW
FillRect
PostMessageW
GetSysColor
GetClipboardOwner
TranslateAcceleratorW
IsRectEmpty
SetRectEmpty
IsWindowVisible
UnionRect
SetCursor
GetDC
CopyRect
DispatchMessageW
TranslateMessage
PeekMessageW
LoadImageW
DestroyIcon
DrawFocusRect
DrawTextW
DrawIconEx
BringWindowToTop
GetCursorPos
GetSubMenu
LoadMenuW
GetIconInfo
InflateRect
GetMenuItemID
GetMenuItemCount
VkKeyScanW
LoadCursorW
DefWindowProcW
GetClassInfoW
SendMessageTimeoutW
IsWindow
RegisterWindowMessageW
LoadIconW
SetScrollRange
GetKeyState
DrawIcon
GetSystemMetrics
IsIconic
SetCapture
PtInRect
ReleaseCapture
SetScrollPos
GetScrollPos
RedrawWindow
EnableScrollBar
SetClipboardViewer
SetMenu
ChangeClipboardChain
ReleaseDC
DestroyCursor
ScreenToClient
LockWindowUpdate
CheckDlgButton
SetFocus
GetAsyncKeyState
DestroyMenu
TrackPopupMenu
EnableMenuItem
DrawEdge
GetClassLongW
WindowFromDC
TabbedTextOutW
DrawTextExW
GrayStringW
MessageBoxW
SetCaretPos
MessageBeep
ClientToScreen
DeleteMenu
CheckMenuItem
ModifyMenuW
InsertMenuItemW
IsChild
GetForegroundWindow
GetCapture
IntersectRect
SetParent
WindowFromPoint
DrawFrameControl
GetDlgCtrlID
GetMessageW
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
GetWindowPlacement
SystemParametersInfoA
SetWindowPos
SetWindowLongW
CallWindowProcW
SetWindowPlacement
AdjustWindowRectEx
TranslateMDISysAccel
UnregisterClassA
SetMenuDefaultItem
DrawMenuBar
AdjustWindowRect
RegisterClassA
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcW
DefFrameProcA
DefWindowProcA
CallWindowProcA
EnumWindows
SetClassLongW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
SetCursorPos
LookupIconIdFromDirectoryEx
GetCursor
GetDoubleClickTime
mouse_event
HideCaret
ShowCaret
IsMenu
GetWindowRgn
GetKeyboardLayout
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayoutList
GetKeyboardState
ToUnicodeEx
GetMenuDefaultItem
InvertRect
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
DrawStateW
SetTimer
GetFocus
KillTimer
GetParent
EnableWindow
SetRect
SendMessageW
OffsetRect
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
RegisterClipboardFormatW
CloseClipboard
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
WaitMessage
SendNotifyMessageW
GetDCEx
PostThreadMessageW
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharUpperW
GetSystemMenu
UnregisterClassW
GetSysColorBrush
GetDialogBaseUnits
EnumChildWindows
CountClipboardFormats
GetTabbedTextExtentA
IsZoomed
GetMenuItemInfoW
CharNextW
SetWindowRgn
FindWindowW
SystemParametersInfoW
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
EndPaint
BeginPaint
GetWindowDC
MapDialogRect
UnpackDDElParam
ReuseDDElParam
CreatePopupMenu
ValidateRect
GetWindowThreadProcessId
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
GetScrollRange
SetForegroundWindow
ShowScrollBar
GetMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
SetClipboardData
gdi32
ExtCreateRegion
FillPath
FrameRgn
FillRgn
CreateDIBitmap
CreatePalette
CreatePolygonRgn
GetTextCharsetInfo
OffsetRgn
GetBitmapBits
StrokeAndFillPath
StretchDIBits
CreatePen
Rectangle
BitBlt
EnumFontFamiliesExW
GetWindowOrgEx
GetTextExtentPoint32A
GetCharWidthW
GetTextAlign
AbortDoc
SetAbortProc
CreateEllipticRgn
SetRectRgn
ExtCreatePen
GetObjectType
SelectPalette
CreatePatternBrush
PolyBezierTo
PolyDraw
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
CopyMetaFileW
GetCurrentObject
SetPixel
EnumFontFamiliesW
GetBitmapDimensionEx
CreateBitmap
SaveDC
GetClipBox
ExtSelectClipRgn
SetDIBitsToDevice
RestoreDC
RealizePalette
GetDIBits
SetBrushOrgEx
PatBlt
WidenPath
StrokePath
CloseFigure
CombineRgn
PathToRegion
EndPath
BeginPath
Polygon
Ellipse
GetViewportOrgEx
GetTextExtentExPointW
GetTextMetricsW
PtInRegion
GetRgnBox
CreateRoundRectRgn
RoundRect
Escape
TextOutW
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetBkColor
GetTextExtentPoint32W
CreateRectRgn
ExtTextOutW
RectVisible
PtVisible
GetPixel
CreateRectRgnIndirect
SelectClipRgn
SetBkColor
Polyline
SetDIBColorTable
CreateFontIndirectW
CreatePenIndirect
GetTextColor
SetTextColor
StartDocW
StartPage
EndPage
EndDoc
CreateCompatibleBitmap
DPtoLP
CreateICW
ResetDCW
SetPixelV
GetDeviceCaps
SetBkMode
StretchBlt
LPtoDP
SetICMMode
ExtEscape
CreateSolidBrush
GetStockObject
CreateDCW
CreateDIBSection
CreateCompatibleDC
SelectObject
SetStretchBltMode
DeleteDC
DeleteObject
GetObjectW
CreateFontW
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
GetPrinterW
OpenPrinterW
DocumentPropertiesW
GetJobW
EnumPrintersW
advapi32
RegCloseKey
RegDeleteValueW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextW
RegSetValueW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
SetFileSecurityW
GetFileSecurityW
shell32
ShellExecuteExW
DragAcceptFiles
ShellExecuteW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
DragFinish
SHGetSpecialFolderLocation
SHGetMalloc
SHAppBarMessage
ExtractIconW
SHGetFileInfoW
comctl32
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_GetBkColor
FlatSB_GetScrollProp
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
ImageList_DrawIndirect
shlwapi
PathIsUNCW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
oledlg
OleUIAddVerbMenuW
OleUIInsertObjectW
OleUIPasteSpecialW
OleUIBusyW
OleUIObjectPropertiesW
ole32
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
OleGetIconOfClass
OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleLockRunning
CreateStreamOnHGlobal
OleSaveToStream
WriteClassStm
OleSave
CreateFileMoniker
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoRegisterClassObject
CoDisconnectObject
CoFreeUnusedLibraries
CLSIDFromString
StringFromGUID2
CoInitialize
CoGetClassObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
CoBuildVersion
OleInitialize
OleUninitialize
CoUninitialize
StgOpenStorage
StgCreateDocfile
CoLockObjectExternal
CreateILockBytesOnHGlobal
RevokeDragDrop
RegisterDragDrop
ReadClassStg
oleaut32
OleLoadPicturePath
OleCreateFontIndirect
VarBstrFromDate
VarDateFromStr
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SysStringByteLen
SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
VariantInit
VariantChangeType
VariantTimeToSystemTime
SysAllocString
SysFreeString
OleLoadPictureFile
VariantClear
LoadTypeLi
VariantChangeTypeEx
VarUdateFromDate
odbc32
ord31
ord24
ord75
gdiplus
GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDeleteGraphics
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdiplusShutdown
GdipCloneImage
clm10_usb_sdk
CLM10_Connect
CLM10_Disconnect
CLM10_GetStatus
CLM10_InsertCard
CLM10_ReverseCard
CLM10_EjectCard
ws2_32
inet_ntoa
sendto
send
__WSAFDIsSet
select
recvfrom
recv
socket
bind
WSAGetLastError
WSAStartup
WSACleanup
htons
htonl
ntohs
getservbyname
ntohl
gethostbyname
inet_addr
gethostname
accept
closesocket
shutdown
getpeername
setsockopt
listen
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
imagehlp
ImageDirectoryEntryToData
winmm
PlaySoundW
Sections
.text Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 940KB - Virtual size: 938KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 116KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ