Static task: static1
Behavioral task: behavioral1
Sample: ss1.scr
Resource: win10-20240404-en
General
Target: ss1.scr
Size: 2.1MB
MD5: d7e00bbaef888c667a8649ffea11c2de
SHA1: 5987ab566bce917072c82321c60c67419b7a5790
SHA256: 3aa873e203bab72d2b103bc25466d22b858102c73efbf5ef59f4b6080857b861
SHA512: 8ecaebdcaf28a0dbe2f09aaa9e7f6cf023372c240127154148b1265cd1f69c786ea0a1e4c0710e14a5476ca8b15706e36c0aa73636ccbd924ab972ea95dde254
SSDEEP: 49152:Rw07ZjW4v5Vjv4aL84SBqFoQlQzwczx6wTMBFZq:9xhhxTCQ+znzYYMBFZq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ss1.scr
Files
ss1.scr.exe windows:6 windows x64 arch:x64
010b6ad363cc42502c1ed4325aacac84
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvfw32
MCIWndCreateW
kernel32
GetTickCount
GetVersionExA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
GlobalSize
WriteConsoleW
HeapReAlloc
FlushFileBuffers
SetStdHandle
LCMapStringW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStringTypeW
GetConsoleCP
HeapSize
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
LeaveCriticalSection
EnterCriticalSection
Sleep
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WriteFile
GetStdHandle
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
GetProcessHeap
GetCommandLineW
DeleteFileW
LoadLibraryExW
ExitThread
CreateThread
EncodePointer
RtlUnwindEx
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
HeapFree
GetTempPathW
SetFilePointer
GetLocalTime
ReadFile
CreateFileW
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcessAffinityMask
ResumeThread
GetCurrentProcess
WaitForSingleObject
CloseHandle
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
SetEndOfFile
user32
GetIconInfo
GetDC
ReleaseDC
LoadStringW
DrawIconEx
GetWindowThreadProcessId
IsRectEmpty
WindowFromPoint
GetCursor
GetCursorPos
IsZoomed
AttachThreadInput
SystemParametersInfoW
SystemParametersInfoA
LoadCursorW
FindWindowW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
FillRect
SetCursor
ShowCursor
MessageBeep
MessageBoxW
SetWindowTextW
EndPaint
BeginPaint
DrawTextW
GetKeyState
GetActiveWindow
GetDlgItem
EndDialog
CreateDialogParamW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
DestroyIcon
LoadIconW
SetParent
GetParent
ScreenToClient
ClientToScreen
GetWindowRect
GetClientRect
InvalidateRect
SetActiveWindow
UpdateWindow
GetSystemMetrics
KillTimer
SetTimer
SetFocus
SendDlgItemMessageW
BringWindowToTop
IsWindowVisible
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PostMessageW
SendMessageW
gdi32
CreatePalette
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDCOrgEx
SetTextColor
SetStretchBltMode
StretchDIBits
SetBkMode
SetBkColor
SelectPalette
SelectObject
RealizePalette
GetClipBox
DeleteDC
CreateSolidBrush
CreateFontIndirectW
CreateDCW
GetStockObject
GetSystemPaletteEntries
GetDeviceCaps
DeleteObject
GetObjectW
GetDIBits
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
ole32
CoCreateInstance
CoUninitialize
CoInitialize
Sections
.text Size: 280KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 204KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ