umpnpmgr.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c7cc0321d2d3eae26a816c38074e59b5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c7cc0321d2d3eae26a816c38074e59b5.exe
Resource
win10v2004-20240226-en
General
-
Target
c7cc0321d2d3eae26a816c38074e59b5
-
Size
309KB
-
MD5
c7cc0321d2d3eae26a816c38074e59b5
-
SHA1
14ce0c3046233ea685228fb94109a205d0f5a498
-
SHA256
f8a22abaa4365360048574d84990df828dc9f3862ba14894323cd5d7a0cf7188
-
SHA512
9119f0187f74dd5e1fcc9e352f05c90ecf515ef4c406a471b9e8402855c4f0b2b252c1d0df717259ce31443181b8aa46f852c54f8d8eb46fe8763f05531a0323
-
SSDEEP
6144:G/lJiMhO4q8AOBFK1LOGY2ld8NfVSSZ+XIGHnrI8tiFXcJ4Y7u+MJhwT83AkD:UVhO0AO3K1vL0fVh+XBcXcJh7mPwTmAu
Malware Config
Signatures
-
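Unsigned PE (1 IoC)
Flags a PE file that carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.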
resource c7cc0321d2d3eae26a816c38074e59b5
Files
-
c7cc0321d2d3eae26a816c38074e59b5.exe windows:5 windows x86 arch:x86
ac6ff22c74c0ef0c3ba1c757e36a8085
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
msvcrt
sprintf
sscanf
getenv
_iob
fprintf
fflush
iswcntrl
wcscspn
isdigit
isxdigit
clock
_ui64tow
swprintf
malloc
_onexit
__dllonexit
_adjust_fdiv
fwrite
_beginthread
_endthread
towupper
_beginthreadex
_wtol
iswdigit
swscanf
iswspace
bsearch
_wcsnicmp
wcsstr
_wtoi
_ftol
iswalpha
wcscmp
wcsrchr
_wcsicmp
memmove
_vsnwprintf
wcsncpy
_except_handler3
wcslen
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
free
_wcsupr
_wcslwr
wcsncat
_strnicmp
difftime
iswascii
iswprint
wcsspn
wcscoll
_wcsicoll
_initterm
_ltow
vswprintf
_wfopen
fopen
_mbslen
floor
ceil
_CIpow
__CxxFrameHandler
rand
_vsnprintf
wcspbrk
_stricmp
qsort
wcschr
srand
wcstoul
_ultow
wcsncmp
fclose
_memicmp
wcstok
time
_snwprintf
tolower
strcmp
memcmp
strlen
memcpy
memset
wcscpy
abort
_itow
wcstol
towlower
exit
wcstombs
iswalnum
_wtoi64
atoi
strcpy
_itoa
strchr
isspace
toupper
_CIexp
longjmp
_setjmp3
strncmp
wcsftime
localtime
wcstod
ldexp
rpcrt4
NdrDllGetClassObject
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Disconnect
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
NdrOleFree
NdrOleAllocate
NdrStubCall2
NdrStubForwardingFunction
NdrClientCall2
UuidCreate
NdrDllCanUnloadNow
kernel32
RemoveDirectoryW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
LoadLibraryExA
LoadLibraryExW
IsValidLocale
GetVolumeInformationW
IsBadWritePtr
GlobalMemoryStatus
GetACP
lstrcmpA
GetExitCodeProcess
GlobalDeleteAtom
CreateProcessA
GetVersion
TlsAlloc
OpenProcess
DeviceIoControl
FreeEnvironmentStringsA
IsSystemResumeAutomatic
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GetWindowsDirectoryA
CompareStringA
CreateSemaphoreA
CreateSemaphoreW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindResourceW
FormatMessageA
FormatMessageW
GetFileAttributesExA
TlsSetValue
GetFileAttributesExW
GetVolumeInformationA
SetCurrentDirectoryA
GetOEMCP
GetStartupInfoA
GlobalAddAtomA
GlobalAddAtomW
lstrcatW
lstrcmpiA
lstrcmpiW
lstrcmpW
lstrcpyW
SetFileAttributesA
SetFileAttributesW
GetWindowsDirectoryW
CompareStringW
CreateProcessW
EnumResourceNamesA
EnumResourceNamesW
FindResourceExA
FindResourceExW
GetDateFormatA
GetDateFormatW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GlobalMemoryStatusEx
GetNumberFormatA
GetNumberFormatW
GetProfileStringA
GetProfileStringW
GetSystemDirectoryA
GetSystemDirectoryW
GetTimeFormatA
PulseEvent
GetTimeFormatW
GetEnvironmentStringsA
OpenEventA
OpenEventW
QueryDosDeviceA
QueryDosDeviceW
WriteProfileStringA
WriteProfileStringW
FindAtomW
RemoveDirectoryA
GetCurrentDirectoryW
GetCurrentDirectoryA
CreateDirectoryW
CreateDirectoryA
GetVersionExW
GetModuleHandleW
GetModuleHandleA
FindFirstFileW
FindFirstFileA
GetShortPathNameW
GetShortPathNameA
GetTempPathW
GetTempPathA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
OutputDebugStringW
OutputDebugStringA
LoadLibraryW
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindNextFileW
FindNextFileA
CreateEventW
GetFileAttributesW
GetFileAttributesA
GetTempFileNameW
GetTempFileNameA
GetDriveTypeW
GetDriveTypeA
DeleteFileW
DeleteFileA
LCMapStringW
LCMapStringA
GetSystemDefaultLangID
GetConsoleCP
GetLongPathNameW
GetLongPathNameA
GetFullPathNameW
GetFullPathNameA
CreateFileMappingW
CreateMutexW
GetConsoleOutputCP
CreateMutexA
FlushFileBuffers
SetEndOfFile
GetFileType
GetLocaleInfoA
lstrlenW
ExitProcess
InterlockedExchange
InterlockedCompareExchange
GlobalSize
CopyFileExW
LocalFileTimeToFileTime
GetSystemInfo
CreateEventA
AreFileApisANSI
CreateFileMappingA
CreateFileW
CreateFileA
GetVersionExA
LocalAlloc
SetFilePointer
DebugBreak
WaitForMultipleObjects
GetThreadPriority
ReleaseSemaphore
ExitThread
WideCharToMultiByte
Sleep
FreeLibraryAndExitThread
ResetEvent
GetSystemPowerStatus
FileTimeToLocalFileTime
CompareFileTime
FileTimeToSystemTime
GetLocalTime
IsBadReadPtr
WriteFile
GetFileSize
GetSystemDefaultLCID
GetUserDefaultLCID
GlobalAlloc
GlobalFree
VirtualAlloc
VirtualFree
LoadLibraryA
SetErrorMode
WaitForSingleObjectEx
ReadDirectoryChangesW
CreateThread
GetExitCodeThread
GetUserDefaultLangID
GlobalLock
GlobalUnlock
GetThreadLocale
FindNextChangeNotification
FindClose
FindCloseChangeNotification
RaiseException
lstrcpynW
lstrcpynA
LocalFree
GetCurrentThread
SetThreadPriority
MapViewOfFile
DuplicateHandle
WaitForSingleObject
SetEvent
ReleaseMutex
UnmapViewOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
GetCurrentThreadId
FlushInstructionCache
MulDiv
GetProcessHeaps
DisableThreadLibraryCalls
SizeofResource
lstrlenA
ReadFile
CloseHandle
GetSystemTime
SystemTimeToFileTime
FindAtomA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
GetStdHandle
FreeLibrary
FindResourceA
LoadResource
LockResource
HeapDestroy
GetTimeZoneInformation
GetFileTime
FreeResource
EnterCriticalSection
GetCommandLineA
LeaveCriticalSection
TlsFree
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
GetLastError
GetCurrentProcess
gdi32
GetTextMetricsW
GetTextMetricsA
GetTextExtentPointW
GetTextExtentPointA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetObjectW
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontW
CreateFontA
CreateFontIndirectW
CreateFontIndirectA
CreateDCW
CreateDCA
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
GetSystemPaletteEntries
CreatePalette
GetPaletteEntries
SetPaletteEntries
SelectPalette
RealizePalette
GetTextAlign
GetRegionData
ExtSelectClipRgn
MaskBlt
ExtCreateRegion
GetDIBits
GetObjectA
ExtCreatePen
GetDIBColorTable
CreateDIBSection
SetTextAlign
TextOutW
StretchDIBits
SetDIBitsToDevice
SetPixel
BitBlt
GetPixel
GetObjectType
GetBkColor
GetLayout
IntersectClipRect
PatBlt
PtInRegion
GetRgnBox
SetRectRgn
StretchBlt
SetTextCharacterExtra
DPtoLP
SetBkColor
ExtTextOutW
SetROP2
Polygon
CreateSolidBrush
CreatePenIndirect
SelectClipRgn
OffsetWindowOrgEx
CreateBrushIndirect
Rectangle
OffsetRgn
CombineRgn
CreateRectRgn
CreateCompatibleBitmap
GetClipBox
OffsetViewportOrgEx
CreateRectRgnIndirect
ExcludeClipRect
CreatePen
MoveToEx
LineTo
RectVisible
SetLayout
SetStretchBltMode
CreateCompatibleDC
SetBkMode
SetTextColor
GetStockObject
SelectObject
DeleteObject
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
user32
MessageBoxA
MessageBoxW
CharNextA
MonitorFromRect
InflateRect
DrawFocusRect
GetMessagePos
GetMessageTime
GetScrollInfo
WindowFromDC
CallNextHookEx
UnhookWindowsHookEx
GetWindowDC
GetNextDlgTabItem
DrawEdge
IsMenu
CopyImage
NotifyWinEvent
EnumWindows
SetMenu
GetDlgItemInt
RegisterWindowMessageA
CheckRadioButton
ShowCursor
BringWindowToTop
SetMenuInfo
LoadCursorA
TranslateAcceleratorA
GetAncestor
SendMessageA
AppendMenuA
AppendMenuW
CallWindowProcA
CallWindowProcW
CharLowerW
CreateDialogParamA
CreateDialogParamW
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DialogBoxParamA
DialogBoxParamW
DispatchMessageA
DrawTextA
DrawTextW
FindWindowA
FindWindowW
GetClassInfoA
GetClassInfoW
GetClassInfoExA
GetClassInfoExW
GetClassLongA
GetClassLongW
SetClassLongA
SetClassLongW
GetClassNameA
GetClassNameW
GetDlgItemTextA
GetDlgItemTextW
GetMessageW
GetPropA
GetPropW
GetWindowLongA
GetWindowLongW
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextA
GetWindowTextW
InsertMenuA
InsertMenuW
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadAcceleratorsW
LoadCursorW
GetMessageA
LoadIconW
LoadMenuA
LoadMenuW
LoadStringW
ModifyMenuA
ModifyMenuW
LoadImageA
LoadImageW
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostThreadMessageW
RegisterClassA
RegisterClassW
RegisterClassExA
RegisterClassExW
UnregisterClassA
UnregisterClassW
RegisterClipboardFormatA
RegisterClipboardFormatW
RegisterWindowMessageW
SendMessageW
SendMessageTimeoutW
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
SetPropA
GetClipboardOwner
SetPropW
SetMenuItemInfoA
SetMenuItemInfoW
SetWindowLongA
SetWindowLongW
SetWindowsHookExA
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
GetCursor
TranslateAcceleratorW
VkKeyScanA
VkKeyScanW
WinHelpA
WinHelpW
wvsprintfW
GetMonitorInfoA
GetMonitorInfoW
SystemParametersInfoA
SystemParametersInfoW
CharNextW
CharUpperBuffW
CopyAcceleratorTableA
CopyAcceleratorTableW
FindWindowExA
FindWindowExW
GetMenuItemInfoA
GetMenuItemInfoW
InsertMenuItemA
InsertMenuItemW
GetMenuStringA
GetMenuStringW
MonitorFromPoint
EndDialog
SetForegroundWindow
CloseWindow
GetWindowThreadProcessId
GetWindowRgn
GetTopWindow
GetCaretBlinkTime
GetWindow
RedrawWindow
SetWindowPlacement
GetWindowPlacement
IsIconic
GetMenu
GetMenuItemID
IsWindowEnabled
GetIconInfo
GetSysColorBrush
DrawIconEx
DestroyIcon
CheckMenuItem
EnableMenuItem
DeleteMenu
CheckMenuRadioItem
CreateMenu
SetActiveWindow
GetParent
InvalidateRgn
DestroyAcceleratorTable
DispatchMessageW
PostThreadMessageA
CopyIcon
WaitMessage
SendMessageTimeoutA
DestroyCursor
SetParent
GetDesktopWindow
MonitorFromWindow
GetDoubleClickTime
SetDlgItemInt
MsgWaitForMultipleObjects
EnumChildWindows
GetProcessDefaultLayout
ClipCursor
GetAsyncKeyState
GetSysColor
ScrollWindowEx
SetScrollInfo
DrawAnimatedRects
CheckDlgButton
GetDlgCtrlID
AdjustWindowRectEx
GetUpdateRect
LoadIconA
ValidateRect
GetKeyState
GetCursorPos
GetForegroundWindow
GetCapture
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
GetSubMenu
IsRectEmpty
ScreenToClient
GetSystemMetrics
GetActiveWindow
ReleaseCapture
SetCapture
TrackPopupMenu
IsWindowUnicode
EnableWindow
SetRectEmpty
FrameRect
MapWindowPoints
CopyRect
SetRect
FillRect
SetCursor
KillTimer
SetTimer
InvalidateRect
UpdateWindow
RemoveMenu
PtInRect
GetInputState
CreatePopupMenu
GetMenuItemCount
DestroyMenu
MessageBeep
GetQueueStatus
ClientToScreen
TrackPopupMenuEx
SetWindowPos
LoadStringA
IsWindowVisible
SetFocus
PostQuitMessage
TranslateMessage
wsprintfW
GetDialogBaseUnits
GetWindowRect
IsWindow
DestroyWindow
GetDlgItem
MoveWindow
ShowWindow
GetFocus
GetClipboardSequenceNumber
IsChild
BeginPaint
GetClientRect
EndPaint
GetDC
ReleaseDC
SetScrollPos
IsDlgButtonChecked
advapi32
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
CryptGenRandom
CryptAcquireContextW
GetFileSecurityW
SetFileSecurityW
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
AllocateAndInitializeSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AccessCheck
FreeSid
OpenThreadToken
OpenProcessToken
DuplicateTokenEx
RegCloseKey
LogonUserW
RegDeleteValueW
RegDeleteValueA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
StringFromCLSID
OleRegGetUserType
HWND_UserFree
CoGetTreatAsClass
OleLoadFromStream
PropVariantClear
CoGetClassObject
WriteClassStm
CreateDataAdviseHolder
CLSIDFromProgID
IsAccelerator
DoDragDrop
StringFromIID
CoCreateInstance
CoReleaseMarshalData
CoUnmarshalInterface
CoMarshalInterface
CoGetMalloc
CoCreateFreeThreadedMarshaler
OleSaveToStream
GetHGlobalFromStream
PropVariantCopy
CoFileTimeNow
CoInitializeEx
StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoDisconnectObject
GetRunningObjectTable
CoMarshalInterThreadInterfaceInStream
CoInitialize
CoGetInterfaceAndReleaseStream
CoUninitialize
CoFreeUnusedLibraries
CLSIDFromString
ReleaseStgMedium
RevokeDragDrop
CoRegisterClassObject
RegisterDragDrop
CoRevokeClassObject
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegEnumVerbs
HMENU_UserSize
HMENU_UserMarshal
HMENU_UserUnmarshal
HMENU_UserFree
HBITMAP_UserSize
HBITMAP_UserMarshal
HBITMAP_UserUnmarshal
HBITMAP_UserFree
HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
comctl32
CreateStatusWindowW
PropertySheetW
PropertySheetA
ImageList_LoadImageW
ImageList_LoadImageA
CreatePropertySheetPageW
CreatePropertySheetPageA
ImageList_Remove
ImageList_Add
ImageList_AddMasked
DestroyPropertySheetPage
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
version
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
msvfw32
ICInfo
ICInstall
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 187KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 79KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ