Static task: static1
Behavioral task: behavioral1
  Sample: abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d.exe
  Resource: win10v2004-20240412-en
General
- Target: abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d
- Size: 123KB
- MD5: f5306fe7ac678b367c484bfd4821ffb2
- SHA1: d36008ade2d5cd0e59ce5aa20d60837d10551134
- SHA256: abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d
- SHA512: a198dc372cfc5b413a8401e10ddf5752008464ec51569437bb5e9349af0c2ceca2539e94a25cd30f9b920b8dd96262a3df87004e1d66c40560ae511f77820b8d
- SSDEEP: 3072:jXzgamaL8aAFLcaRZonAewMjBFfZQ30HpJ:j7GcakAHD
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d
Files
- abebbafd75d61bb6ac5946a2bb3d0863e7776c4820ed0cedcaba25a4381e274d.exe windows:5 windows x86 arch:x86
  fb8a5c278056258015474ce80c1f8341
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
CopyAcceleratorTableA
CharNextA
InflateRect
LoadStringA
DefDlgProcW
IsChild
DestroyMenu
GetSysColorBrush
GetDesktopWindow
GetClassNameA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
PostQuitMessage
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
IsWindowVisible
GetTopWindow
MessageBoxA
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
MessageBeep
GetNextDlgGroupItem
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
PostMessageA
SetRect
AdjustWindowRectEx
EnumChildWindows
GetDlgItem
ScreenToClient
MoveWindow
GetWindowLongA
SetWindowLongA
SetWindowRgn
LoadIconA
FindWindowA
LoadBitmapA
LoadCursorA
CopyIcon
SetCursor
GetParent
CopyRect
SetCapture
InvalidateRect
PtInRect
ReleaseCapture
GetWindowRect
SendMessageA
LoadImageA
GetDC
GetClientRect
HideCaret
UnregisterClassA
GetFocus
GetCapture
ReleaseDC
OpenIcon
AnyPopup
TrackMouseEvent
CloseClipboard
GetKeyboardType
EnableWindow
GetMenu
comdlg32
GetFileTitleA
shell32
ShellExecuteA
advapi32
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
gdi32
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDIBSection
ExtCreateRegion
CombineRgn
GetDeviceCaps
CreateFontA
GetObjectA
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
GetTextExtentPointA
CreateDIBitmap
DeleteObject
SetViewportExtEx
GetLayout
GetCharWidthFloatW
DeleteDC
SetBkMode
RestoreDC
LPtoDP
GetNearestColor
SetPixel
ScaleViewportExtEx
GetBkColor
GetTextColor
DPtoLP
GetMapMode
PatBlt
Escape
ExtTextOutA
TextOutA
RectVisible
GetViewportExtEx
IntersectClipRect
GetWindowExtEx
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
CopyMetaFileW
PtVisible
comctl32
ImageList_Destroy
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
CloseHandle
Sleep
CreateThread
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetDiskFreeSpaceExA
GetDriveTypeA
GetVolumeInformationA
GetVersionExA
lstrcmpiA
CopyFileA
GetTempPathA
GetTimeFormatA
GetDateFormatA
GetLocalTime
LoadResource
FindResourceA
LockResource
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
HeapFree
RtlUnwind
FormatMessageA
GetFileTime
SetEnvironmentVariableA
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateMemoryResourceNotification
GetProcAddress
CompareStringW
HeapAlloc
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
SetStdHandle
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
GetFileType
GetCurrentProcess
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleHandleW
WriteFile
GetModuleFileNameA
WideCharToMultiByte
GetLastError
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
ReadFile
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetFileSize
Sections
.text Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 800B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ