Static task: static1
Behavioral task: behavioral1
Sample: 67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae.exe
Resource: win10v2004-20240426-en
General
Target: 67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae.exe
Size: 788KB
MD5: 149e6fb9871c026b336c764608b97530
SHA1: 6ee40db66b0ef9715a2f7b41b1bcacad1771ad30
SHA256: 67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae
SHA512: de3c6929793cfbf92809878ee3a2b8cb682f5410eeed72391b73cd3a8b2f4652d0c71024bc69b11d217cc0383b21af9418800924b58218ab3feef947a94d627c
SSDEEP: 12288:NtMWg048XQxI3FyB+AIQQL0iOpsPICevpb8YuALgcvv+eiEihiiDrTJXBb:NtW04nxI3c+sQL0iOFv+eiEihiiv
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource 67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae.exe
Files
-
67d3575071a3fa5b4b9f5ca78ac4ce7ff24315ce3dd2be9d31a2fd6e81be87ae.exe.exe windows:4 windows x86 arch:x86
690cd77cafa010ac0ec9d46f7befa9b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
kernel32
lstrlenW
CreateEventW
CreateThread
SizeofResource
SetLastError
GetCurrentThreadId
GetDateFormatW
GetTimeFormatW
WriteFile
WideCharToMultiByte
CreateFileW
DeleteFileW
LoadLibraryW
CopyFileW
FindFirstFileW
FindClose
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
lstrlenA
GetProcAddress
LoadLibraryA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
HeapSize
GetModuleFileNameA
GetStdHandle
HeapCreate
HeapDestroy
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
ExitProcess
GetModuleHandleA
GetLocalTime
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
VirtualAlloc
VirtualFree
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
WaitForSingleObject
SetEvent
MultiByteToWideChar
InterlockedDecrement
RaiseException
FreeLibrary
lstrcmpiW
DeleteCriticalSection
GetLastError
InitializeCriticalSection
LoadLibraryExW
InterlockedIncrement
GetCommandLineW
FindResourceW
GetModuleHandleW
LoadResource
GetFileAttributesW
GetUserDefaultLCID
EnumSystemLocalesW
GetModuleFileNameW
GetLocaleInfoW
GetTickCount
ReadFile
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
user32
KillTimer
SetTimer
GetMessageW
CallWindowProcW
LockWindowUpdate
SetWindowTextW
LoadCursorW
UpdateWindow
LoadIconW
CheckDlgButton
SetClassLongW
wvsprintfW
PostMessageW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
DialogBoxParamW
CallNextHookEx
GetKeyState
UnhookWindowsHookEx
GetDlgItemTextW
EndDialog
GetNextDlgTabItem
SetWindowsHookExW
LoadImageW
MoveWindow
PostThreadMessageW
LoadStringW
CharNextW
GetSysColorBrush
GetWindowRect
GetSystemMetrics
SetMenuItemInfoW
EnableWindow
GetSystemMenu
GetDesktopWindow
SetDlgItemTextW
MessageBoxW
SendMessageW
ShowWindow
SetWindowLongW
SendDlgItemMessageW
SetFocus
GetParent
GetDlgCtrlID
CreateDialogParamW
EndPaint
IsWindow
DestroyWindow
ReleaseDC
GetClientRect
DefWindowProcW
GetDC
IsDlgButtonChecked
CheckRadioButton
LoadBitmapW
BeginPaint
GetWindowLongW
GetDlgItem
UnregisterClassA
gdi32
CreateFontW
GetStockObject
SetBkMode
DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
ole32
CoRegisterClassObject
OleUninitialize
OleInitialize
CoRevokeClassObject
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoDisconnectObject
CoTaskMemAlloc
oleaut32
SysFreeString
VariantInit
SysAllocString
VariantClear
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysStringLen
LoadTypeLi
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
SafeArrayDestroy
VariantTimeToSystemTime
SafeArrayAccessData
VariantCopy
SafeArrayCreate
SafeArrayUnaccessData
LoadRegTypeLi
SysAllocStringByteLen
Sections
.text Size: 228KB - Virtual size: 224KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 516KB - Virtual size: 515KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ