PDB path: E:\VS2013\Projects\KoishiEx\Release\blackcat.pdb

Static task: static1
Behavioral task: behavioral1
  Sample: 8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866.exe
  Resource: win10v2004-20240426-en
General
Target: 8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866
Size: 4.4MB
MD5: 910ac69191a534917bd963d4013af7e9
SHA1: 41a2234c05352125294a3bc46a1389acd63022ad
SHA256: 8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866
SHA512: 883a5c5a5c3b126718ec00f663cbd83416bc02f89ee88a0f24a9a93c919fe10bdf232ddf3cd59d894b924e8aa71dce62210819d55dfb1f82d7e22eb733f343fe
SSDEEP: 98304:O4mHZidb6PiqmN5Y2c+gswsMVzHzwYqD08b29U5:O4mHZEJN386YqD08y
Malware Config
(none extracted)

Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866

Files
8214a1194aa0914c589ac5d4103695e5cd88ba5c7e4f3ba4b0d374b1cb8b0866.exe  windows:6  windows  x86  arch:x86
c0ae5f0ee9c31c5f589bd79bf9e01465
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: (see PDB path above)
Imports
kernel32
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
OutputDebugStringW
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStringTypeW
IsValidCodePage
VirtualFree
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
lstrlenA
GetCPInfo
GetOEMCP
ReleaseSemaphore
GetACP
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
CreateSemaphoreW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ExitThread
CreateThread
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetFileType
SetStdHandle
RtlUnwind
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
FindResourceExW
GetUserDefaultLCID
VirtualProtect
GetProfileIntW
GetTickCount
SearchPathW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
CompareStringA
lstrcmpA
GetVersionExW
GetCurrentThread
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetThreadLocale
LoadLibraryW
LoadLibraryA
lstrcmpiW
GetModuleHandleA
GetCurrentProcess
DuplicateHandle
CloseHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
CreateFileW
LocalAlloc
LoadLibraryExW
FreeLibrary
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
DeleteFileW
DecodePointer
HeapSize
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
Sleep
InitializeCriticalSectionEx
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateDirectoryW
GetProcAddress
GetModuleFileNameW
GetModuleHandleW
GetCurrentDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
WideCharToMultiByte
user32
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetAsyncKeyState
IsZoomed
TrackMouseEvent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
IntersectRect
ShowOwnedPopups
TranslateMessage
GetMessageW
WindowFromPoint
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
FillRect
DrawStateW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetSystemMenu
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
DrawFrameControl
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
EnableWindow
SendMessageW
GetParent
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DeleteMenu
SetWindowRgn
MessageBeep
OffsetRect
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
DispatchMessageW
RegisterWindowMessageW
CopyRect
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
GetNextDlgGroupItem
DestroyIcon
GetWindow
DrawEdge
LoadBitmapW
LoadMenuW
GetSubMenu
ClientToScreen
GetCursorPos
LoadIconW
GetClientRect
LoadImageW
IsIconic
GetSystemMetrics
DrawIcon
ScreenToClient
GetDC
DestroyAcceleratorTable
ReleaseDC
InvalidateRect
SetCursor
LoadCursorW
UnregisterClassW
GetWindowRect
PtInRect
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetDesktopWindow
CharUpperW
IsWindow
GetKeyNameTextW
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
GetWindowRgn
GetComboBoxInfo
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
PostThreadMessageW
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetClassLongW
LockWindowUpdate
BringWindowToTop
SetParent
SetCursorPos
RemovePropW
gdi32
GetStockObject
BitBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CreateRoundRectRgn
GetBkColor
GetTextColor
GetRgnBox
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
RealizePalette
SetPixel
SetDIBColorTable
OffsetRgn
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceW
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateFontW
CreateCompatibleDC
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
CreateDIBSection
GetObjectW
DeleteObject
ScaleWindowExtEx
CreateBitmap
GetPixel
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
shell32
SHAppBarMessage
DragQueryFileW
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
ShellExecuteW
comctl32
InitCommonControlsEx
ImageList_ReplaceIcon
shlwapi
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
UrlUnescapeW
StrFormatKBSizeW
uxtheme
GetThemeColor
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
ole32
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleTranslateAccelerator
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
OleDestroyMenuDescriptor
CoInitialize
CoCreateInstance
CLSIDFromProgID
OleCreateMenuDescriptor
OleLockRunning
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
StgOpenStorageOnILockBytes
oleaut32
VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysStringLen
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdiplusShutdown
wininet
InternetQueryDataAvailable
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text   Size: 2.4MB - Virtual size: 2.4MB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
.rdata  Size: 1.1MB - Virtual size: 1.1MB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.data   Size: 37KB - Virtual size: 77KB    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
_RDATA  Size: 1KB - Virtual size: 1KB      (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.rsrc   Size: 809KB - Virtual size: 808KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
.reloc  Size: 179KB - Virtual size: 178KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ)