??$nativeInterface@UQWGLContext@QNativeInterface@@@QOpenGLContext@@QBEPAUQWGLContext@QNativeInterface@@XZ
Static task
static1
1 signatures
General
-
Target
NB_STAIOCCHI_2024-05-23_15_07_29.297.zip
-
Size
8.2MB
-
MD5
e4d207a1ee6ec0590639e9fc13997b97
-
SHA1
786ca6f5d1c7e5387b7fe130b9c345a9548c2d12
-
SHA256
bb1dfb652d2f57da1293858b4f80abd59a52c78b9261179590e742dc8d4ae541
-
SHA512
b2b6d1f819ead684baee87a73b0525b439897b66381ec4401ad47dbb0b025cff48454afb1be1d4147fc26e52c31b45054f4dbe088b6f3eff38199c8c899bbf14
-
SSDEEP
196608:qAdEYc3yCXyB+89FXV9ugIwr47hYk5tSqp7MMOcAOjE52wpyi7H:qAd/c3NXy/V9gi4NZPSqiMO1OYcwpTH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Device/HarddiskVolume3/Users/SimoneTaiocchi/Downloads/XmlPad-Installer_273425.exe
Files
-
NB_STAIOCCHI_2024-05-23_15_07_29.297.zip.zip
Password: CACCApupu123!
-
Device/HarddiskVolume3/Users/SimoneTaiocchi/Downloads/XmlPad-Installer_273425.exe.exe windows:6 windows x86 arch:x86
Password: CACCApupu123!
a7f8be7db80b7db917aa8b0bef1bde18
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetDefaultIMEWnd
ImmReleaseContext
ImmGetVirtualKey
ImmNotifyIME
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmGetContext
ImmGetOpenStatus
ImmAssociateContext
ImmAssociateContextEx
oleaut32
SysFreeString
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
dwmapi
DwmIsCompositionEnabled
DwmSetWindowAttribute
DwmGetWindowAttribute
DwmEnableBlurBehindWindow
uxtheme
GetThemeColor
SetWindowTheme
GetThemeMargins
GetThemeEnumValue
GetCurrentThemeName
GetThemeBackgroundRegion
IsAppThemed
ord47
GetThemePropertyOrigin
IsThemeActive
GetThemeInt
GetThemeTransitionDuration
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
OpenThemeData
GetThemeBool
gdi32
GetCharABCWidthsW
GetDIBits
CreateDIBSection
BitBlt
CreateFontIndirectW
GetCharABCWidthsFloatW
GetTextFaceW
GetOutlineTextMetricsW
CreateDCW
GetRegionData
DeleteDC
SetBkMode
CreateBitmap
ExtTextOutW
GetPixelFormat
CombineRgn
AddFontResourceExW
ChoosePixelFormat
GetTextMetricsW
SwapBuffers
DescribePixelFormat
SetGraphicsMode
GetDeviceCaps
SetWorldTransform
GetStockObject
SelectObject
RemoveFontMemResourceEx
GetGlyphOutlineW
GetFontData
GetBitmapBits
GetObjectW
SelectClipRgn
GetCharABCWidthsI
SetTextColor
AddFontMemResourceEx
DeleteObject
GetTextExtentPoint32W
SetPixelFormat
SetTextAlign
CreateRectRgn
CreateCompatibleDC
EnumFontFamiliesExW
SetLayout
OffsetRgn
RemoveFontResourceExW
CreateCompatibleBitmap
GdiFlush
dnsapi
DnsFree
DnsQuery_W
iphlpapi
ConvertInterfaceIndexToLuid
GetAdaptersAddresses
ConvertInterfaceLuidToIndex
ConvertInterfaceLuidToNameW
ConvertInterfaceLuidToGuid
ConvertInterfaceNameToLuidW
ws2_32
WSAAsyncSelect
WSACleanup
WSAStartup
gethostname
WSASetLastError
send
recv
getaddrinfo
WSAConnect
WSARecv
WSAHtonl
freeaddrinfo
WSASend
WSANtohs
WSAIoctl
getnameinfo
WSARecvFrom
WSAGetLastError
setsockopt
select
listen
htons
getsockname
getpeername
closesocket
bind
__WSAFDIsSet
getsockopt
WSAAccept
WSASendTo
WSASocketW
ntohl
htonl
WSANtohl
crypt32
CertCloseStore
CertOpenStore
CertFreeCertificateContext
CertGetCertificateChain
CertDuplicateCertificateContext
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertFreeCertificateChain
CertOpenSystemStoreW
CertEnumCertificatesInStore
CertCreateCertificateContext
CertFindCertificateInStore
userenv
GetUserProfileDirectoryW
advapi32
GetEffectiveRightsFromAclW
CryptGetProvParam
MapGenericMask
CryptExportKey
CryptSetHashParam
RegQueryInfoKeyW
RegEnumKeyExW
ReportEventW
BuildTrusteeWithSidW
RegNotifyChangeKeyValue
GetTokenInformation
RegCloseKey
CryptSignHashW
GetLengthSid
CryptDestroyKey
CopySid
FreeSid
CryptDestroyHash
GetSidSubAuthorityCount
GetNamedSecurityInfoW
DeregisterEventSource
RegCreateKeyExW
SystemFunction036
RegOpenKeyExW
OpenProcessToken
GetSidSubAuthority
CryptCreateHash
CryptEnumProvidersW
RegQueryValueExW
RegEnumValueW
RegDeleteKeyW
DuplicateToken
CryptReleaseContext
LookupAccountSidW
RegDeleteValueW
RegSetValueExW
CryptDecrypt
RegisterEventSourceW
AccessCheck
RegFlushKey
CryptGetUserKey
CryptAcquireContextW
AllocateAndInitializeSid
kernel32
CreateThreadpoolWork
HeapAlloc
WakeConditionVariable
ConvertThreadToFiber
FindNextFileW
DecodePointer
GetFileSize
GetDateFormatW
TlsAlloc
MultiByteToWideChar
GetCurrencyFormatW
GetEnvironmentStringsW
WaitForSingleObject
CreateDirectoryW
FreeEnvironmentStringsW
WriteConsoleW
GetVolumeInformationW
GetFullPathNameW
UnregisterWaitEx
SetHandleInformation
GetLogicalDrives
CreateMutexA
SwitchToFiber
ReadConsoleA
SetConsoleMode
TerminateProcess
WTSGetActiveConsoleSessionId
GlobalUnlock
CreateFileW
SetEndOfFile
GetEnvironmentVariableW
GetLongPathNameW
DeleteCriticalSection
GlobalFree
InitOnceComplete
CreateSemaphoreW
DeleteFileW
LCMapStringW
SystemTimeToTzSpecificLocalTime
Sleep
GetCommandLineW
HeapReAlloc
InitializeCriticalSectionAndSpinCount
CreateNamedPipeW
lstrcmpW
GetStdHandle
AcquireSRWLockExclusive
SetThreadPriority
HeapFree
MapViewOfFile
EncodePointer
GetConsoleOutputCP
ReadFileEx
RaiseException
EnumSystemLocalesW
CreateProcessW
GetACP
QueryPerformanceFrequency
GetCPInfo
IsDebuggerPresent
GetSystemTime
GlobalSize
WaitForMultipleObjects
CopyFileW
InitializeSListHead
WriteFileEx
GetModuleHandleExW
GetCurrentThreadId
UnhandledExceptionFilter
DeleteFiber
GlobalLock
GetStartupInfoW
LocalFree
HeapSize
SubmitThreadpoolWork
InitializeConditionVariable
SetFilePointer
GetSystemDirectoryW
FormatMessageW
GetFileSizeEx
SleepConditionVariableSRW
GetSystemInfo
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
ResetEvent
SetConsoleCtrlHandler
GetTimeZoneInformation
OpenFileMappingW
SetStdHandle
RemoveDirectoryW
ReleaseSemaphore
MoveFileW
FindFirstFileExW
TlsGetValue
QueryPerformanceCounter
IsValidCodePage
SetUnhandledExceptionFilter
CompareStringEx
TlsSetValue
LeaveCriticalSection
SetFileAttributesW
SystemTimeToFileTime
ReadFile
GetConsoleWindow
GetUserGeoID
GetCurrentDirectoryW
InitializeCriticalSectionEx
GetLocalTime
CreateFiber
TzSpecificLocalTimeToSystemTime
FindClose
GetUserDefaultLCID
GetDriveTypeW
GetGeoInfoW
GlobalAlloc
IsValidLocale
WriteFile
SetFileTime
GetUserDefaultLocaleName
GetExitCodeProcess
LocalAlloc
VirtualQuery
LCMapStringEx
RegisterWaitForSingleObject
GetProcAddress
SetEnvironmentVariableW
SleepConditionVariableCS
GetOEMCP
GetFileInformationByHandleEx
CompareStringW
FindNextChangeNotification
TerminateThread
GetTickCount64
ConnectNamedPipe
GetStringTypeW
LoadLibraryA
DuplicateHandle
InitOnceBeginInitialize
CancelIoEx
SetErrorMode
GetFileAttributesExW
CloseThreadpoolWork
GetFileInformationByHandle
UnmapViewOfFile
ResumeThread
OutputDebugStringW
GetFileAttributesW
GetProcessId
FindCloseChangeNotification
FlushFileBuffers
WakeAllConditionVariable
LoadLibraryW
CreateFileMappingW
lstrlenA
LoadLibraryExW
GetCommandLineA
InitializeCriticalSection
ReleaseSRWLockExclusive
FreeLibrary
GetTimeFormatW
CloseHandle
MoveFileExW
IsProcessorFeaturePresent
ExitProcess
GetThreadPriority
GetModuleFileNameW
GetUserDefaultLangID
WaitForSingleObjectEx
DeviceIoControl
InitializeSRWLock
TlsFree
SetLastError
WideCharToMultiByte
FindFirstChangeNotificationW
ExitThread
GetFileType
SetFilePointerEx
FindFirstFileW
TryEnterCriticalSection
ReadConsoleW
ReleaseMutex
GetProcessHeap
RtlUnwind
GetLocaleInfoW
GetLastError
FileTimeToSystemTime
GetVolumePathNamesForVolumeNameW
GetCurrentThread
VirtualFree
GetCurrentProcessId
GetCurrentProcess
GetTickCount
SleepEx
ConvertFiberToThread
GetModuleHandleW
GetTempPathW
SetEvent
GetUserPreferredUILanguages
GetConsoleMode
FreeLibraryWhenCallbackReturns
EnterCriticalSection
CheckRemoteDebuggerPresent
CreateEventW
VirtualAlloc
FreeLibraryAndExitThread
CreateThread
PeekNamedPipe
OpenProcess
netapi32
NetApiBufferFree
NetShareEnum
ole32
CoGetMalloc
CoLockObjectExternal
OleGetClipboard
CoCreateGuid
RegisterDragDrop
DoDragDrop
OleUninitialize
OleIsCurrentClipboard
CoCreateInstance
OleFlushClipboard
CoInitialize
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2
OleSetClipboard
CoTaskMemFree
CoUninitialize
CoInitializeEx
OleInitialize
shell32
Shell_NotifyIconGetRect
SHCreateItemFromParsingName
SHGetStockIconInfo
CommandLineToArgvW
SHGetFileInfoW
Shell_NotifyIconW
SHGetMalloc
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
ShellExecuteW
SHCreateItemFromIDList
ord727
SHGetKnownFolderPath
user32
GetParent
CreateWindowExW
DestroyCaret
ScreenToClient
ReleaseDC
GetKeyboardLayoutList
ShowCaret
IsHungAppWindow
HideCaret
GetAsyncKeyState
CreatePopupMenu
RealGetWindowClassW
GetUserObjectInformationW
EnumWindows
GetSysColorBrush
TrackMouseEvent
TrackPopupMenu
UnregisterPowerSettingNotification
QueryDisplayConfig
DestroyWindow
SetMenuItemInfoW
UnregisterDeviceNotification
GetIconInfo
TrackPopupMenuEx
AdjustWindowRectEx
SetCursorPos
ClientToScreen
GetClipboardFormatNameW
GetKeyboardState
GetSystemMetrics
ChangeWindowMessageFilterEx
SendMessageW
FindWindowA
DrawIconEx
MessageBoxW
AppendMenuW
ShowWindow
MapVirtualKeyW
GetDC
DestroyCursor
MonitorFromPoint
ToUnicode
DestroyMenu
GetDoubleClickTime
RegisterClipboardFormatW
MoveWindow
RegisterClassExW
GetWindowRect
IsZoomed
ModifyMenuW
ChildWindowFromPointEx
CreateCaret
GetForegroundWindow
IsIconic
LoadIconW
SystemParametersInfoW
SetCaretPos
GetSystemMenu
FlashWindowEx
RemoveMenu
UnregisterClassW
EnableMenuItem
EnumDisplayDevicesW
SetParent
GetCapture
GetWindowPlacement
ToAscii
IsChild
GetMessageExtraInfo
SetLayeredWindowAttributes
RegisterPowerSettingNotification
GetAncestor
PeekMessageW
IsWindowVisible
BeginPaint
SetFocus
EnumDisplayMonitors
GetClientRect
KillTimer
RegisterDeviceNotificationW
GetDesktopWindow
CreateMenu
WindowFromPoint
IsWindowEnabled
ChangeClipboardChain
GetWindowTextW
GetMonitorInfoW
SetTimer
IsWindow
GetClassInfoW
PostThreadMessageW
CreateCursor
PostMessageW
DrawMenuBar
GetCursor
SetWindowTextW
MonitorFromWindow
RegisterClassW
GetKeyboardLayout
DispatchMessageW
CreateIconIndirect
GetMenuItemInfoW
GetQueueStatus
SetWindowLongW
CloseTouchInputHandle
LoadCursorW
InvalidateRect
GetMenu
AttachThreadInput
GetCursorPos
SetForegroundWindow
RegisterWindowMessageW
DestroyIcon
CharNextExA
IsTouchWindow
TranslateMessage
DefWindowProcW
ReleaseCapture
GetDisplayConfigBufferSizes
GetSysColor
UnregisterTouchWindow
GetFocus
SetClipboardViewer
GetWindow
GetCursorInfo
SetCursor
UpdateLayeredWindowIndirect
SetWindowPlacement
RegisterTouchWindow
EndPaint
GetWindowThreadProcessId
GetCaretBlinkTime
SetWindowRgn
GetKeyState
MsgWaitForMultipleObjectsEx
SetMenu
LoadImageW
GetUpdateRect
SetWindowPos
MessageBeep
SetCapture
DisplayConfigGetDeviceInfo
GetTouchInputInfo
GetWindowLongW
InsertMenuW
GetProcessWindowStation
UpdateLayeredWindow
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
winmm
timeKillEvent
timeSetEvent
PlaySoundW
bcrypt
BCryptGenRandom
Exports
Exports
Sections
.text Size: 16.0MB - Virtual size: 16.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 89KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 326KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 388KB - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
manifest.json