Static task: static1
Behavioral task: behavioral1
  Sample: f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c.exe
  Resource: win10v2004-20240426-en
General
- Target: f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c.exe
- Size: 848KB
- MD5: 06feef43e18458e9f1052c6d485bdf57
- SHA1: 0b67a57d2bae9757e7caceec8e557884e80ace5d
- SHA256: f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c
- SHA512: ceccee28cb51d3ee62d6bd7d921d112e858940388e44d2b06cceb3af9efe463e740448ac6a9ef9e96b0e41c737c82a1fc0ad58941bb3f6f417e1575adacbe917
- SSDEEP: 24576:85xO0x5kws1TB7Pz3pDbPRwIvqFdCKzca:8fOQHyNfGIvqFdVz3
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c.exe
Files
-
f48f22e583ad5628e34c5e76367deab519d49be78fc6741327bbc9386079538c.exe.exe windows:4 windows x86 arch:x86
63a927fdcc044653e1c0fb8b77840e74
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MulDiv
GetCurrentThreadId
SetLastError
FreeLibrary
LoadLibraryExA
GetModuleHandleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetStdHandle
SetFilePointer
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
lstrcmpA
TlsGetValue
GetFileType
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStdHandle
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapCreate
HeapDestroy
GetStartupInfoA
GetCommandLineA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
GetSystemTimeAsFileTime
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FlushInstructionCache
IsDBCSLeadByte
CreateThread
TerminateThread
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrlenW
MoveFileExA
GlobalLock
GlobalUnlock
GetCurrentProcess
SetProcessWorkingSetSize
FindFirstFileA
FindNextFileA
FindClose
WideCharToMultiByte
DeleteFileA
GetVolumeInformationA
GetVersionExA
GetFileSize
ReadFile
CreateFileA
GetLastError
WriteFile
MultiByteToWideChar
CloseHandle
GlobalAlloc
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
lstrcpynA
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
Sleep
GetModuleFileNameA
SetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
TlsAlloc
user32
InvalidateRgn
SetCapture
IsChild
SetWindowLongA
GetWindowLongA
CreateWindowExA
DestroyWindow
SetWindowPos
ShowWindow
SendMessageA
LoadIconA
ReleaseDC
FillRect
GetDC
SetTimer
EnableWindow
GetDlgItem
SetDlgItemTextA
GetParent
SendDlgItemMessageA
GetClassNameA
ReleaseCapture
CallWindowProcA
DestroyAcceleratorTable
GetWindow
GetFocus
GetDesktopWindow
IsWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateAcceleratorTableA
PostMessageA
GetWindowRect
InsertMenuItemA
FindWindowA
GetKeyState
SetWindowTextA
GetSystemMetrics
SetActiveWindow
EndPaint
BeginPaint
LoadImageA
GetClientRect
PtInRect
RedrawWindow
SetLayeredWindowAttributes
KillTimer
CharLowerA
OffsetRect
InflateRect
GetUpdateRect
SetFocus
GetWindowDC
CreatePopupMenu
ScreenToClient
ClientToScreen
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
SystemParametersInfoA
GetScrollInfo
SetCursor
GetDlgItemInt
GetDlgCtrlID
UpdateWindow
DialogBoxParamA
CheckMenuItem
GetMenuItemID
TrackMouseEvent
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
LoadStringA
MessageBoxA
MoveWindow
GetWindowInfo
GetSysColor
SetForegroundWindow
TrackPopupMenu
DefWindowProcA
ValidateRect
GetSysColorBrush
GetMenuItemRect
FrameRect
CharNextA
EndDialog
DestroyMenu
CopyRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
UnregisterClassA
LockWindowUpdate
MessageBeep
GetCursorPos
SetScrollInfo
GetWindowPlacement
RegisterHotKey
UnregisterHotKey
InvalidateRect
DrawTextA
GetMenuItemCount
gdi32
CreateRectRgn
GetTextExtentPoint32A
GetStockObject
GetTextMetricsA
TextOutA
SetTextAlign
CreateDIBitmap
Polygon
CreatePen
SelectClipRgn
EndPage
CreatePatternBrush
Rectangle
SetTextColor
GetCurrentObject
EndDoc
GetTextExtentExPointA
GetDeviceCaps
StartDocA
BitBlt
CreateRoundRectRgn
DeleteObject
SelectObject
CreateFontA
GetObjectA
DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
StartPage
SetBkMode
SetStretchBltMode
comdlg32
GetOpenFileNameA
PrintDlgA
advapi32
RegDeleteKeyA
GetUserNameA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
shell32
SHGetSpecialFolderPathA
ShellExecuteA
DragFinish
DragQueryFileA
Shell_NotifyIconA
ole32
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
CLSIDFromString
OleInitialize
OleUninitialize
oleaut32
VarUI4FromStr
VariantClear
SysStringByteLen
GetErrorInfo
SysAllocStringLen
VariantInit
OleCreateFontIndirect
LoadRegTypeLi
SysAllocString
SysFreeString
SysStringLen
LoadTypeLi
ws2_32
closesocket
connect
htonl
htons
socket
gethostbyname
recv
send
setsockopt
WSAStartup
WSACleanup
gdiplus
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipCloneImage
GdipFree
winmm
PlaySoundA
comctl32
InitCommonControlsEx
msimg32
TransparentBlt
libeay32
ord227
ord223
ssleay32
ord87
ord59
ord75
ord43
ord341
ord74
ord183
ord127
ord130
ord78
ord108
ord12
ord58
Sections
.text Size: 239KB - Virtual size: 238KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 472KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ