??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44.exe
Resource
win10v2004-20240611-en
General
-
Target
fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44
-
Size
4.5MB
-
MD5
848384c79ad64313c44df132a551dc8a
-
SHA1
ed6d3da2ed677050c7febdb6edaca78f4e62cdd6
-
SHA256
fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44
-
SHA512
a58e3bb6fc17c3a4ac7cabd7c0607ba5ea072de6146eb2f14f0b8de109eb4660c934b232a68de44625f48fb09d86439fc40bf8d8e63982afcd19ad171ce545e8
-
SSDEEP
98304:uKL7PENX9evFcKDlj2HVcaZh2dkXJELRyEm:uiY8RiHVcaLK9RZm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44
Files
-
fb321072a04a06b101bf5dc42c219a299d829effac04b3dac80c5cf19f05ba44.exe windows:4 windows x86 arch:x86
7b72613656febe22ee87be669e792542
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
freeimageplus
?rescale@fipImage@@QAEHIIW4FREE_IMAGE_FILTER@@@Z
??0fipWinImage@@QAE@W4FREE_IMAGE_TYPE@@III@Z
??1fipWinImage@@UAE@XZ
?saveU@fipImage@@QBEHPB_WH@Z
?isValid@fipWinImage@@UBEHXZ
?clear@fipWinImage@@UAEXXZ
??0fipMemoryIO@@QAE@PAEK@Z
??1fipMemoryIO@@UAE@XZ
?getFileType@fipMemoryIO@@QBE?AW4FREE_IMAGE_FORMAT@@XZ
?loadFromMemory@fipImage@@QAEHAAVfipMemoryIO@@H@Z
?getWidth@fipImage@@QBEIXZ
?getHeight@fipImage@@QBEIXZ
kernel32
GlobalLock
LoadLibraryExW
GlobalAlloc
OpenProcess
TerminateProcess
lstrcmpiW
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
InterlockedIncrement
WriteFile
LocalAlloc
SetFilePointer
LocalFree
WaitForSingleObject
GetExitCodeThread
SetEvent
CreateEventW
WaitForMultipleObjects
WritePrivateProfileStringW
ResetEvent
DeleteFileW
GetCommandLineW
RemoveDirectoryW
CopyFileW
MoveFileW
DeleteCriticalSection
GetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetLogicalDriveStringsW
Process32NextW
QueryDosDeviceW
ExpandEnvironmentStringsW
ReadProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
GetSystemDirectoryW
InterlockedCompareExchange
OpenMutexW
ReleaseMutex
CreateProcessW
GetTempPathW
GetComputerNameA
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetCurrentDirectoryW
FileTimeToSystemTime
GetFileTime
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
GlobalUnlock
GlobalFree
CreateMutexW
Sleep
GetCurrentProcessId
FindResourceW
GetPrivateProfileStringW
SizeofResource
GetSystemTime
SystemTimeToFileTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
SwitchToFiber
DeleteFiber
GetVersion
GetModuleHandleExW
InterlockedExchangeAdd
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
GetFileType
PeekNamedPipe
GetStdHandle
DuplicateHandle
TerminateThread
FormatMessageW
SleepEx
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
LoadResource
LockResource
GetProcAddress
FreeResource
LeaveCriticalSection
FreeLibrary
CreateFileW
LoadLibraryW
FindResourceExW
GetFileSize
EnterCriticalSection
RaiseException
GetLocalTime
ReadFile
CloseHandle
OutputDebugStringW
InitializeCriticalSection
GetPrivateProfileIntW
GetVersionExW
SetLastError
GetModuleFileNameW
lstrlenA
GetCurrentThreadId
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetWindowsDirectoryW
GetCurrentProcess
GetLastError
InterlockedExchange
WideCharToMultiByte
lstrlenW
CreateThread
user32
GetDlgCtrlID
MapWindowPoints
BeginPaint
SetCursor
EnableWindow
ShowWindow
GetFocus
LoadCursorW
IsChild
EndPaint
GetWindowThreadProcessId
GetNextDlgTabItem
FindWindowW
GetForegroundWindow
SendMessageW
UpdateLayeredWindow
IsDialogMessageW
SetCapture
SystemParametersInfoW
KillTimer
LoadImageW
SetWindowPos
OffsetRect
ReleaseCapture
AttachThreadInput
LoadIconW
GetCursorPos
SetForegroundWindow
DestroyIcon
GetActiveWindow
PostMessageW
IsWindowVisible
CallWindowProcW
GetDC
EqualRect
IsWindowEnabled
DestroyWindow
MonitorFromWindow
ScreenToClient
PeekMessageW
ReleaseDC
DrawTextW
GetMonitorInfoW
IsWindow
IsRectEmpty
CopyRect
GetMessageW
TranslateMessage
DefWindowProcW
DispatchMessageW
PostThreadMessageW
RegisterWindowMessageW
InflateRect
GetClassInfoExW
SetFocus
BringWindowToTop
IsIconic
CharNextW
GetWindowRect
DrawIconEx
LoadBitmapW
GetWindow
GetParent
IntersectRect
CreateWindowExW
MoveWindow
GetDlgItem
PtInRect
wsprintfW
GetAsyncKeyState
FillRect
GetClientRect
UnregisterClassA
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
SetRectEmpty
ClientToScreen
GetDesktopWindow
RegisterClassExW
InvalidateRect
SetActiveWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
SwitchToThisWindow
SetWindowLongW
SetRect
GetLastActivePopup
gdi32
SetStretchBltMode
StretchBlt
CreateSolidBrush
ExtCreatePen
SetDIBColorTable
RectInRegion
MoveToEx
BitBlt
DeleteObject
Rectangle
SelectObject
SetTextColor
SetBkMode
CreateCompatibleDC
CreateDIBSection
GetCurrentObject
CreateCompatibleBitmap
SetViewportOrgEx
GetClipRgn
ExtSelectClipRgn
GetStockObject
RoundRect
GetObjectW
GetViewportOrgEx
OffsetRgn
GetDeviceCaps
SaveDC
CreateRectRgnIndirect
CreatePen
GetTextColor
CreateBitmap
CombineRgn
CreateRoundRectRgn
RestoreDC
CreateRectRgn
TextOutW
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
SelectClipRgn
DeleteDC
LineTo
CreateFontIndirectW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
CryptDecrypt
CryptDestroyKey
CryptEnumProvidersW
RegisterEventSourceW
ReportEventW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
DeregisterEventSource
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
CryptGetUserKey
CryptExportKey
CryptDestroyHash
CryptSignHashW
CryptSetHashParam
CryptCreateHash
CryptGetProvParam
shell32
SHCreateDirectoryExW
Shell_NotifyIconW
SHBrowseForFolderW
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHFileOperationW
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
ord680
ShellExecuteW
SHGetFolderPathW
ole32
CoCreateGuid
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CreateStreamOnHGlobal
oleaut32
SysAllocStringLen
VarUI4FromStr
SysFreeString
shlwapi
PathFileExistsW
PathRemoveFileSpecW
StrToIntA
StrToIntW
PathFindFileNameW
StrStrIW
PathAppendW
PathIsDirectoryW
StrCmpLogicalW
PathFindExtensionW
PathAddBackslashW
msvcp80
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
comctl32
InitCommonControlsEx
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipDeletePrivateFontCollection
GdipDeleteFontFamily
GdipGetFontSize
GdipCreateLineBrushFromRectWithAngleI
GdipSetClipPath
GdipNewPrivateFontCollection
GdipFree
GdipCreatePen1
GdipAddPathStringI
GdipMeasureString
GdipSetSmoothingMode
GdipDisposeImageAttributes
GdipGetFamily
GdipCreateImageAttributes
GdipDeleteBrush
GdipDrawLinesI
GdipSetPixelOffsetMode
GdipCreateFontFromLogfontW
GdipAddPathRectangleI
GdipSetInterpolationMode
GdipDeleteFont
GdipCloneBrush
GdiplusStartup
GdipGetImageGraphicsContext
GdipFillPath
GdipClosePathFigure
GdipDeletePen
GdipCreateFont
GdipCreateBitmapFromScan0
GdipAddPathPieI
GdipRotateWorldTransform
GdipLoadImageFromFile
GdipAddPathArcI
GdiplusShutdown
GdipCreateBitmapFromStream
GdipDrawString
GdipDeletePath
GdipCloneImage
GdipSetTextRenderingHint
GdipCreatePath
GdipDrawPath
GdipDisposeImage
GdipSetStringFormatTrimming
GdipLoadImageFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipImageRotateFlip
GdipCloneBitmapArea
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipSetPenDashStyle
GdipSetPenEndCap
GdipDeleteGraphics
GdipSetImageAttributesColorMatrix
GdipGraphicsClear
GdipSetPenStartCap
GdipCreateFromHDC
GdipPrivateAddFontFile
GdipDrawImageRectI
GdipCreateStringFormat
GdipSetPenMode
GdipGetFontCollectionFamilyCount
GdipCreateSolidFill
GdipDrawImageI
GdipDeleteStringFormat
GdipAlloc
GdipDrawImageRectRectI
GdipDrawLine
GdipFillRectangle
GdipSetStringFormatFlags
GdipDrawImageRectRect
GdipGetFontCollectionFamilyList
GdipSetStringFormatAlign
GdipGetImageHeight
GdipSetCompositingQuality
GdipDrawRectangleI
GdipCloneFontFamily
GdipFillRectangleI
GdipSetStringFormatLineAlign
GdipGetImageWidth
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromFile
GdipAddPathEllipseI
GdipGetImagePixelFormat
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
msvcr80
_vsnwprintf
_mktime64
_get_errno
wcstok
_findclose
_wfindnext64i32
_wfindfirst64i32
strcpy_s
_snwprintf_s
_wstat64
_localtime64_s
_wtoi64
setlocale
wcsncmp
_wcsnicmp
wcspbrk
iswspace
strchr
isspace
strncmp
isalpha
_wtol
__CxxFrameHandler3
_CxxThrowException
sprintf_s
strpbrk
sprintf
sscanf
__argv
fgetws
fputws
fflush
?terminate@@YAXXZ
_unlock
__dllonexit
strcspn
_strdup
raise
_vsnprintf
_gmtime64_s
feof
_setmode
_strnicmp
strspn
strerror_s
_stat64i32
_fileno
_fstat64i32
setbuf
clearerr
qsort
_stat64
getenv
_fstat64
_gmtime64
_lseeki64
_encode_pointer
_lock
_onexit
strncpy
strerror
__sys_nerr
strtol
fputs
fopen
fgets
_errno
memchr
_strtoi64
toupper
strrchr
strstr
isdigit
isxdigit
strtoul
realloc
strcpy
__iob_func
_stricmp
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_putenv
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_wstat32
signal
_read
_close
_open
_decode_pointer
tolower
isalnum
fprintf
ftell
_vsnprintf_s
ferror
fputc
memmove
strcat
fseek
fwrite
memcmp
fclose
fread
_wfopen
wcscat_s
_mbsinc
wcscat
_wcslwr_s
_resetstkoflw
_wcsupr_s
??8type_info@@QBE_NABV0@@Z
_mbsstr
_time64
rand
srand
_wcsicmp
wcstol
_beginthreadex
__wargv
__argc
wcsncpy_s
_waccess
printf
free
_wtoi
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
calloc
??2@YAPAXI@Z
wcschr
swprintf_s
_mbscmp
strlen
_recalloc
memmove_s
abs
labs
_mbsicmp
_invalid_parameter_noinfo
vswprintf_s
?what@exception@std@@UBEPBDXZ
memset
??_V@YAXPAX@Z
_vscwprintf
ceil
vsprintf_s
floor
_vscprintf
wcsrchr
wcscpy_s
_wtof
_mbschr
memcpy_s
wcslen
??0exception@std@@QAE@ABV01@@Z
wcsstr
wcsspn
memcpy
??0exception@std@@QAE@XZ
wcscmp
strcmp
wcscspn
atoi
malloc
__RTDynamicCast
_purecall
??3@YAXPAX@Z
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
getsockname
getsockopt
inet_addr
connect
ioctlsocket
socket
WSASetLastError
WSAGetLastError
setsockopt
send
select
__WSAFDIsSet
accept
listen
recvfrom
sendto
gethostbyname
recv
ntohs
htons
closesocket
inet_ntoa
WSACleanup
bind
WSAStartup
winmm
timeGetTime
crypt32
CertDuplicateCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertOpenStore
CertGetCertificateContextProperty
CertFreeCertificateContext
Exports
Exports
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 676KB - Virtual size: 675KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 64KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE