Static task
static1
Behavioral task
behavioral1
Sample
2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0.exe
Resource
win10v2004-20240226-en
General
-
Target
2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0
-
Size
2.2MB
-
MD5
8fc55dc967e7cc363e3d2c61cd7fc86a
-
SHA1
a97a131e8a1516dfaf563acbf4e164a2c13cd935
-
SHA256
2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0
-
SHA512
56a4e1e6e5b9a0d7e340c3e8b35364d4fc3e841f95cd45863393d3408b75674d9e292d6a9acbc32d5a668995313b2d6cdd5c988fc3b6be29307c00348ff1f798
-
SSDEEP
24576:48T3jxLKabmrSupJsoGhOK4Y3q9lKe13BFOupThTgors7ttWYCSzV6TcT/nNrnnL:P7bExXIy3BFOuFhTkL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
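Checks for a missing Authenticode signature. The PE file is unsigned, so its publisher and integrity cannot be verified from a signature; many legitimate binaries are also unsigned, so this is a weak indicator on its own.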
resource 2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0
Files
-
2f492549dbaf100c726fabdd9944ae76a4c56f9b41b64b0ad2b04037940de4a0.exe windows:4 windows x86 arch:x86
70d1bbcba3fc04c9082b3bf5d17201ed
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedIncrement
GetSystemTimeAsFileTime
GetSystemTime
GetCurrentProcessId
QueryPerformanceCounter
FreeLibrary
FormatMessageA
GetFullPathNameW
GetFullPathNameA
GetFileAttributesW
GetTempPathW
GetCurrentThreadId
LockFileEx
LockFile
UnlockFile
FlushFileBuffers
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
DeleteCriticalSection
CreateEventW
InitializeCriticalSection
CreateThread
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetACP
GetOEMCP
MultiByteToWideChar
GetFileSize
Sleep
SetEndOfFile
GetLastError
GetModuleHandleW
GetTickCount
GetStartupInfoW
CreateDirectoryW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetVersionExW
WideCharToMultiByte
CopyFileW
GetLocalTime
WriteFile
SetFilePointer
ReadFile
CreateFileW
CloseHandle
FileTimeToSystemTime
DeleteFileW
RemoveDirectoryW
GetLogicalDrives
FindFirstFileW
FindNextFileW
FindClose
GetTempPathA
user32
SetWindowTextW
GetWindowTextLengthW
LoadIconW
SetTimer
LoadImageW
keybd_event
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
SetForegroundWindow
FindWindowW
RegisterClassW
TrackPopupMenu
GetCursorPos
ClientToScreen
PtInRect
ScreenToClient
GetAsyncKeyState
DefWindowProcW
PostQuitMessage
KillTimer
UpdateWindow
InvalidateRect
BeginPaint
FillRect
DrawTextW
EndPaint
GetWindowTextW
DestroyIcon
EnableWindow
GetWindowRect
SetWindowPos
GetScrollInfo
ScrollWindowEx
CreatePopupMenu
DrawMenuBar
EndDialog
CallWindowProcW
GetClientRect
SetScrollInfo
DestroyMenu
DialogBoxParamW
GetForegroundWindow
MessageBoxW
GetMenu
LoadMenuW
CreateMenu
SetMenu
AppendMenuW
InsertMenuW
CheckMenuItem
EnableMenuItem
DeleteMenu
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
wsprintfW
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDoubleClickTime
ShowWindow
DestroyWindow
ModifyMenuW
GetSubMenu
GetSystemMetrics
MoveWindow
CreateWindowExW
SetFocus
LoadCursorW
SetCursor
ShowCursor
SendMessageW
gdi32
SetBkMode
CreateSolidBrush
DeleteDC
EnumFontFamiliesW
GetObjectW
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC
CreateFontIndirectW
SelectObject
GetTextMetricsW
GetBkColor
MaskBlt
SetStretchBltMode
SetBrushOrgEx
BitBlt
StretchBlt
SetEnhMetaFileBits
SetWinMetaFileBits
GetEnhMetaFileHeader
GetStockObject
PlayEnhMetaFile
DeleteEnhMetaFile
CreateDIBSection
SetBkColor
GetTextExtentPoint32W
SetTextColor
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
shell32
DragQueryFileW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
ShellExecuteExW
SHGetSpecialFolderPathW
DragAcceptFiles
comctl32
ord17
ImageList_Destroy
ImageList_LoadImageW
InitCommonControlsEx
msimg32
AlphaBlend
TransparentBlt
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
_XcptFilter
_exit
__dllonexit
fclose
strtod
_iob
strncpy
fread
_CIpow
abort
getenv
sscanf
fprintf
exit
memcpy
memset
localtime
_onexit
calloc
wcscpy
wcscat
??2@YAPAXI@Z
??3@YAXPAX@Z
wcscmp
_wcslwr
wcslen
wcsncmp
swprintf
wcsncpy
_wtoi
strncmp
_ftol
free
realloc
malloc
setlocale
__CxxFrameHandler
_setjmp3
longjmp
wcsstr
atoi
qsort
_wcsupr
swscanf
wcsncat
strstr
sprintf
_pctype
_isctype
__mb_cur_max
memmove
toupper
tolower
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 468KB - Virtual size: 684KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 384KB - Virtual size: 383KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ