_MainWndProc@16
_StubFileWrite@12
Static task
static1
Behavioral task
behavioral1
Sample
$R43ZM6W.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
$R43ZM6W.exe
Resource
win10v2004-20240226-en
Target
$R43ZM6W.exe.zip
Size
1.4MB
MD5
332d6f9a4b17eae3c2d400f4a4ed606f
SHA1
740c2b37839fd37dbb70a0ccece9143a6276bde0
SHA256
69fbbe6d1db641463e823757581ed4a112e81d2046c7e6a8694e1476f5f933c2
SHA512
22edb5d35818299cd5bf47de2782a86ce0c024c546f4d037bfafda7d3ac39f91399ad3d846a1f6cf84afe5c9be3e2492ddcc3086860216d4fe9f94392d3d17f7
SSDEEP
24576:vAWhr6cNTV5tkKTxvs+VyvbGAIdvE37Yj3x1XWw1yE2SimKY7mITB2CYlgPOUKf2:fhrfz+KTKlvsvE8BIw1yjSiC7tB2JmO2
Checks for missing Authenticode signature.
resource |
---|
unpack001/$R43ZM6W.exe |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
lstrcpyA
GetCommandLineA
SetErrorMode
lstrlenA
MulDiv
GetTempFileNameA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
_lopen
GlobalAlloc
GlobalFree
_lclose
_lcreat
LoadLibraryA
GetProcAddress
FreeLibrary
OpenFile
GetVersionExA
GetCurrentProcess
WinExec
ExitProcess
_lread
LocalFree
GetTempPathA
GlobalLock
GetDC
BeginPaint
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
DrawTextA
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
wsprintfA
MessageBoxA
ExitWindowsEx
RegisterClassA
LoadCursorA
DeleteObject
GetStockObject
GetDeviceCaps
PatBlt
CreateSolidBrush
TextOutA
SetTextColor
SetBkMode
SelectObject
StretchDIBits
CreateFontA
RealizePalette
SelectPalette
CreatePalette
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
_MainWndProc@16
_StubFileWrite@12
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ