Static task: static1
Behavioral task: behavioral1
  Sample: 24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c.exe
  Resource: win10v2004-20240704-en
General
Target: 24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c.exe
Size: 22.1MB
MD5: dbce1515871a52c3e60a9c1573d1bf18
SHA1: ca51beaa13cba092aaaeac3e0fc056fe10ceab17
SHA256: 24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c
SHA512: cf554da21c66ac514f26fac41e698fccf8f6ba1e31c850d61d8c4678ab283a21fc0d54c9761e71f0eb966d21093d9d74e4072b354ef2b337b8c62f2fa603867b
SSDEEP: 393216:SKz46UErKyqWQxLnOs3IJsv6tWKFdu9CDY+spJYmAaXPK1bAp:SPMD4LOs3og3Aai6p
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c.exe
Files
24c1b5670a668f6530d08788456a68d0be1c727adc8581c5e4ab1cb1e0ebd09c.exe.exe windows:6 windows x86 arch:x86
c59cbad8457b151ccc287f8cb2c6cd8f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmSetCandidateWindow
ImmGetVirtualKey
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
oleaut32
SysAllocString
VariantInit
SafeArrayPutElement
SafeArrayCreateVector
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
SysFreeString
LoadTypeLi
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
shlwapi
StrChrW
StrFormatKBSizeW
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
gdi32
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectObject
SelectClipRgn
GetRegionData
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
GetDIBits
CopyMetaFileW
SetBkColor
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
GetRgnBox
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetROP2
CreateHatchBrush
GetLayout
SetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreatePatternBrush
CreatePen
SetPolyFillMode
uxtheme
GetThemePartSize
DrawThemeParentBackground
GetThemeInt
GetThemeEnumValue
GetThemeMargins
DrawThemeText
GetThemeColor
OpenThemeData
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
IsAppThemed
GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
IsThemeActive
ord47
dwmapi
DwmEnableBlurBehindWindow
DwmIsCompositionEnabled
ole32
RegisterDragDrop
CoLockObjectExternal
CoCreateInstance
CoInitializeEx
CoUninitialize
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CreateStreamOnHGlobal
CoDisconnectObject
OleDuplicateData
CoCreateGuid
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
CoTaskMemAlloc
StringFromGUID2
advapi32
CryptDestroyHash
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptEnumProvidersW
CryptSignHashW
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
ReportEventW
RegisterEventSourceW
DeregisterEventSource
CreateWellKnownSid
CreateProcessAsUserW
StartServiceW
OpenServiceW
OpenSCManagerW
EnumServicesStatusExW
CloseServiceHandle
LookupAccountSidW
CryptHashData
CryptCreateHash
CryptDecrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
SystemFunction036
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetLengthSid
GetTokenInformation
MapGenericMask
user32
GetDoubleClickTime
GetDesktopWindow
GetSysColor
ReleaseDC
GetDC
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSystemMetrics
MessageBoxW
EnumWindows
GetWindowTextLengthW
GetWindowTextW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
ExitWindowsEx
wsprintfW
wsprintfA
DestroyCursor
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
UnregisterClassW
GetClassInfoW
RegisterClassExW
GetFocus
GetClientRect
GetCursorPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
MessageBeep
GetMonitorInfoW
EnumDisplayMonitors
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
PostMessageW
AttachThreadInput
CreateWindowExW
IsChild
ShowWindow
UpdateLayeredWindow
SetLayeredWindowAttributes
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
LoadIconW
IsHungAppWindow
HideCaret
FlashWindowEx
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetSystemMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetWindowRect
AdjustWindowRectEx
ChangeWindowMessageFilterEx
RealGetWindowClassW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
EnumDisplayDevicesW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
SetCursor
ClientToScreen
ScreenToClient
GetUserObjectInformationW
GetProcessWindowStation
MsgWaitForMultipleObjects
GetWindowRgn
IsWindow
GetWindowLongW
SetWindowLongW
GetParent
SetParent
GetWindowThreadProcessId
MonitorFromWindow
GetWindow
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterDeviceNotificationW
UnregisterDeviceNotification
CharNextExA
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
EnableWindow
GetLastActivePopup
GetMessageW
GetActiveWindow
ValidateRect
CharUpperW
GetDlgCtrlID
PtInRect
GetClassNameW
RealChildWindowFromPoint
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
UpdateWindow
SetActiveWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
MapWindowPoints
CopyRect
EqualRect
GetClassLongW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
CheckDlgButton
IsDialogMessageW
PostQuitMessage
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
FillRect
InflateRect
CopyImage
SendDlgItemMessageA
SetRectEmpty
OffsetRect
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
MapDialogRect
ShowOwnedPopups
DeleteMenu
IntersectRect
GetNextDlgGroupItem
DrawFocusRect
IsRectEmpty
EnableScrollBar
InvertRect
NotifyWinEvent
GetMenuDefaultItem
GetKeyNameTextW
LoadMenuW
DrawStateW
SetClassLongW
DrawEdge
DrawFrameControl
BringWindowToTop
CopyIcon
FrameRect
DrawIcon
UnionRect
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetRect
LockWindowUpdate
SetMenuDefaultItem
CharUpperBuffW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
kernel32
GetDriveTypeW
GetConsoleWindow
CompareStringEx
GetCommandLineW
GetSystemTime
GetLocalTime
OutputDebugStringW
IsProcessorFeaturePresent
SetEvent
WaitForSingleObjectEx
GetSystemDirectoryW
DuplicateHandle
WaitForMultipleObjects
SwitchToThread
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
ResetEvent
GetProcessHeap
CreateFileA
CreateFileW
ReadFile
WriteFile
CloseHandle
GetLastError
DeviceIoControl
InitializeCriticalSectionEx
CreateEventW
Sleep
GetCurrentProcess
ExitProcess
GetTickCount
GetWindowsDirectoryW
VirtualAlloc
VirtualFree
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GlobalAlloc
GlobalUnlock
GlobalLock
lstrcmpiW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
VirtualProtect
WriteProcessMemory
LoadLibraryW
lstrcatW
ContinueDebugEvent
WaitForDebugEvent
SetLastError
WaitForSingleObject
TerminateProcess
InitializeProcThreadAttributeList
DeleteProcThreadAttributeList
UpdateProcThreadAttribute
LocalAlloc
LocalFree
lstrcpyW
lstrcmpW
FormatMessageW
WTSGetActiveConsoleSessionId
GetLongPathNameW
ExpandEnvironmentStringsW
CreateProcessW
CheckRemoteDebuggerPresent
OpenProcess
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetUserDefaultLangID
GetFileSize
SetFilePointer
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetFileAttributesExW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
CompareStringW
LCMapStringW
GetStartupInfoW
GetCurrentDirectoryW
CreateDirectoryW
CreateMutexW
ReleaseMutex
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
SetEnvironmentVariableW
EnumSystemLocalesW
IsValidLocale
SetConsoleCtrlHandler
PeekNamedPipe
VirtualQuery
HeapQueryInformation
GetConsoleOutputCP
SetStdHandle
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
InterlockedPushEntrySList
GetVolumePathNamesForVolumeNameW
CopyFileW
MoveFileW
GetVolumeInformationW
SetErrorMode
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetACP
GetEnvironmentVariableW
GetStdHandle
GetSystemDirectoryA
TryAcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
lstrlenW
MapViewOfFileEx
InitializeSRWLock
GetTempFileNameW
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
GetUserDefaultUILanguage
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
SetEndOfFile
SetFilePointerEx
UnregisterWaitEx
RegisterWaitForSingleObject
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
MultiByteToWideChar
FindFirstFileExW
FindNextFileW
FreeLibrary
SystemTimeToTzSpecificLocalTime
SetFileAttributesW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetVersionExW
GlobalFindAtomW
GlobalDeleteAtom
GlobalFlags
LoadLibraryExW
UnlockFile
LockFile
GlobalAddAtomW
GlobalGetAtomNameW
lstrcmpA
LocalReAlloc
GlobalHandle
GlobalReAlloc
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
InitializeCriticalSection
MulDiv
GlobalFree
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetExitCodeProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
FormatMessageA
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
OutputDebugStringA
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
shell32
SHGetStockIconInfo
ord727
ShellExecuteW
SHCreateItemFromIDList
SHCreateItemFromParsingName
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
SHGetFileInfoW
ord680
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
ntdll
RtlAllocateHeap
memchr
_aulldiv
strtol
qsort
strncpy
strrchr
_allmul
strncmp
wcsncmp
strstr
toupper
wcsstr
_aullshr
wcsrchr
_alldiv
_alloca_probe
strcmp
NtRemoveProcessDebug
NtQueryInformationProcess
NtDuplicateObject
NtClose
DbgUiSetThreadDebugObject
_chkstk
strlen
ceil
_aulldvrm
atoi
bsearch
floor
_allshl
_aullrem
_allrem
strchr
isdigit
isspace
_allshr
RtlUnwind
NtQueryVirtualMemory
memset
memmove
RtlFreeHeap
memcpy
msimg32
TransparentBlt
AlphaBlend
iphlpapi
GetAdaptersAddresses
ws2_32
send
setsockopt
shutdown
getsockname
WSAIoctl
WSAStringToAddressW
getaddrinfo
freeaddrinfo
InetNtopW
bind
socket
select
connect
recv
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSAWaitForMultipleEvents
inet_addr
inet_ntoa
gethostbyaddr
gethostbyname
getservbyport
getservbyname
ioctlsocket
ntohl
htons
htonl
getsockopt
closesocket
__WSAFDIsSet
WSAGetLastError
ntohs
WSAAsyncSelect
WSACleanup
WSAStartup
WSASetLastError
crypt32
CertGetCertificateContextProperty
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
rpcrt4
RpcRaiseException
RpcAsyncInitializeHandle
RpcAsyncCompleteCall
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcBindingFree
NdrAsyncClientCall
gdiplus
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdiplusShutdown
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImagePalette
GdipSetInterpolationMode
GdipDrawImageRectI
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
bcrypt
BCryptGenRandom
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
winmm
timeKillEvent
timeGetDevCaps
timeGetTime
PlaySoundW
timeSetEvent
timeEndPeriod
timeBeginPeriod
netapi32
NetApiBufferFree
NetShareEnum
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text    Size: 10.6MB - Virtual size: 10.6MB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata   Size: 7.8MB - Virtual size: 7.8MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data    Size: 3.2MB - Virtual size: 3.3MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.qtmetad Size: 1KB - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.reloc   Size: 457KB - Virtual size: 457KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_DISCARDABLE
  IMAGE_SCN_MEM_READ