Static task
static1
Behavioral task
behavioral1
Sample
8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1.exe
Resource
win10v2004-20240419-en
General
-
Target
8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1
-
Size
3.4MB
-
MD5
afd2d1a3cd82b366cfe90bdbfa15fcd9
-
SHA1
e7ab6b8a9d0ef3b88c2c9f6567c3ef69e79d70f4
-
SHA256
8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1
-
SHA512
e6f85239d55c329ae8d15bb7f1641d043d491cd0247f3643026d5a676c98017d6990a83b3a221b3c0ce81087f675968063c35e3fcfb5bf9e425d677f35205784
-
SSDEEP
98304:hZS4MtfO5wGSaWQVeNx+XqwJdOv/dXiMFl:xAf2hiNx+3AiMFl
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1
Files
-
8ba326c38a579265c2b3718ee44a7d4b302f3ef681220c0681f7288c97e1f4c1.exe windows:6 windows x86 arch:x86
ef75cc6977e51c2b695c91c14acf2063
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
zlib1
deflateEnd
deflate
deflateInit2_
inflateEnd
inflate
inflateInit2_
get_crc_table
crc32
kernel32
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
DeleteFileW
GetStdHandle
QueryPerformanceFrequency
GetFullPathNameW
HeapQueryInformation
GetFileType
SetStdHandle
MoveFileExW
CreateThread
GetCurrentDirectoryW
SetCurrentDirectoryW
SetCurrentDirectoryA
SetEnvironmentVariableW
SetEnvironmentVariableA
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
OutputDebugStringW
GetStringTypeW
GetTimeZoneInformation
FreeLibraryAndExitThread
GetDriveTypeW
VirtualQuery
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileA
GetDiskFreeSpaceA
SearchPathA
GetProfileIntA
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetTickCount
GetWindowsDirectoryA
FindResourceExW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
lstrcpyA
GetCurrentDirectoryA
GetACP
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GetAtomNameA
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SystemTimeToTzSpecificLocalTime
LocalAlloc
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GetThreadLocale
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
WaitForSingleObject
SetEvent
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
SetFilePointer
WriteFile
ReadFile
CreateFileA
SystemTimeToFileTime
SetFileTime
LocalFileTimeToFileTime
FindClose
FileTimeToSystemTime
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
DeleteFileA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
FindResourceA
SizeofResource
LockResource
LoadResource
Sleep
CreateMutexA
ReleaseMutex
CloseHandle
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
WriteConsoleW
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
FindFirstFileExA
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
CreateFileW
ExitThread
user32
GetNextDlgGroupItem
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableA
LoadCursorW
WindowFromPoint
WaitMessage
DestroyIcon
SetTimer
DeleteMenu
GetDialogBaseUnits
GetAsyncKeyState
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
RealChildWindowFromPoint
IntersectRect
InflateRect
LoadCursorA
GetSysColorBrush
MapVirtualKeyA
GetKeyNameTextA
CharUpperA
CharNextA
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
SetRectEmpty
SendDlgItemMessageA
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
GetDesktopWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
GetWindowLongA
MessageBeep
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetForegroundWindow
SetClassLongA
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SetParent
OpenClipboard
CloseClipboard
UnregisterClassA
SendMessageA
PostMessageA
PostThreadMessageA
IsIconic
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
LoadBitmapW
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetSysColor
TrackMouseEvent
LoadImageW
CreatePopupMenu
GetMenuDefaultItem
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
LoadImageA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
ScreenToClient
ClientToScreen
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EqualRect
EnumDisplayMonitors
SetClipboardData
EmptyClipboard
GetTabbedTextExtentW
GetTabbedTextExtentA
DestroyCursor
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageA
SubtractRect
TranslateMDISysAccel
EnableWindow
GetSystemMetrics
DrawIcon
SetWindowRgn
GetClientRect
GetWindowRect
LoadIconW
SetCapture
ReleaseCapture
KillTimer
GetWindowRgn
InvalidateRect
RedrawWindow
GetCursorPos
SetRect
OffsetRect
PtInRect
MessageBoxExA
FillRect
MessageBoxA
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
EnumChildWindows
GetDCEx
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
FrameRect
CopyIcon
SetCursorPos
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
GetForegroundWindow
DrawStateA
gdi32
CreatePen
CreateSolidBrush
SetPixel
CreateFontA
CopyMetaFileA
GetDeviceCaps
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePatternBrush
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutA
ExtTextOutA
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
CreateCompatibleBitmap
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
PatBlt
CreateFontIndirectA
GetMapMode
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetDIBits
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
GetCharWidthA
StretchDIBits
Rectangle
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextExtentPointA
GetTextExtentPoint32W
GetTextFaceA
SelectClipRgn
SaveDC
RestoreDC
PtInRegion
OffsetRgn
GetRgnBox
CombineRgn
BitBlt
GetObjectA
SetDIBColorTable
CreateDIBSection
StretchBlt
SelectObject
CreateRectRgn
CreateCompatibleDC
DeleteObject
SetWindowOrgEx
CreateDCA
DeleteDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
ClosePrinter
GetJobA
OpenPrinterA
advapi32
RegEnumKeyA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExW
RegQueryValueA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
shell32
SHAppBarMessage
SHGetDesktopFolder
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragQueryFileA
DragFinish
ShellExecuteExA
ShellExecuteA
SHBrowseForFolderA
SHGetMalloc
comctl32
ord17
shlwapi
PathIsDirectoryA
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA
UrlUnescapeA
StrFormatKBSizeA
PathRemoveFileSpecW
uxtheme
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
ole32
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
RevokeDragDrop
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
GetHGlobalFromILockBytes
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
DoDragDrop
OleGetClipboard
CoRevokeClassObject
CoRegisterClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
OleRun
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoCreateInstance
CoInitialize
CoUninitialize
CoLockObjectExternal
RegisterDragDrop
OleCreateLinkToFile
oleaut32
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayDestroy
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
SafeArrayAllocData
VarBstrFromDec
VarDecFromStr
SysAllocString
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SafeArrayCreate
SystemTimeToVariantTime
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
VariantChangeType
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
SafeArrayAllocDescriptor
VarBstrFromDate
VariantClear
VariantTimeToSystemTime
oledlg
ord8
gdiplus
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipFree
GdipDrawImageI
GdipAlloc
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetFindNextFileA
InternetErrorDlg
InternetGetCookieA
InternetSetCookieA
HttpQueryInfoA
HttpEndRequestA
HttpSendRequestExA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
GopherGetAttributeA
GopherOpenFileA
GopherFindFirstFileA
GopherCreateLocatorA
FtpCommandA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpOpenFileA
FtpRenameFileA
FtpDeleteFileA
FtpPutFileA
FtpGetFileA
FtpFindFirstFileA
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetSetOptionA
InternetQueryOptionA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 564KB - Virtual size: 563KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 138KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ