Static task
static1
Behavioral task
behavioral1
Sample
6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba.exe
Resource
win10v2004-20240802-en
General
-
Target
6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba
-
Size
564KB
-
MD5
96570c6e851981df88bb2db51d3e7480
-
SHA1
9669b8e98c542660303b7b5cf7f9e318689e819f
-
SHA256
6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba
-
SHA512
ba074be648dfbac126274fb971714dd99b9f18dfa162fae15390c0573c54a5f97f79ef469c9de2205575eed13888c9d5b1870ec6d380018ff1f23ef18083243e
-
SSDEEP
6144:ufqtT3TkVidn+A480LU9934BiwIe+GYEh7jDKSsJweHVe03F6cxyGWlBUuf9YIvN:RtT3TkG+Aph99XVUhuJweMDcxyG4FYyz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba
Files
-
6a947a1e93f6e6ea7f5a01a4ca339a7a16deb5dfb61b9232b6b729239ead82ba.exe windows:4 windows x86 arch:x86
af1ecb91efcb795979f6ee3037cba16e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
TerminateProcess
HeapFree
ExitThread
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetSystemTime
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
ExitProcess
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetStartupInfoW
GlobalSize
FormatMessageW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceExW
FormatMessageA
FindResourceA
GlobalAddAtomA
GetProfileStringA
GetVersionExW
GetShortPathNameW
GetStringTypeExW
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
SetErrorMode
GlobalGetAtomNameW
GetThreadLocale
SizeofResource
GetProcessVersion
GetCurrentDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
lstrcmpiW
lstrcpynW
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
MulDiv
SetLastError
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GetModuleFileNameW
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
lstrlenW
GetCurrentThread
OpenMutexW
CreateFileW
ReadFile
GetTickCount
Sleep
MoveFileW
CopyFileW
GetFileAttributesW
SetFileAttributesW
lstrcmpW
RemoveDirectoryW
DeleteFileW
GetSystemInfo
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
GetLastError
LoadLibraryW
LocalFree
OpenProcess
GetCurrentProcess
CreateThread
GetSystemDirectoryW
GetModuleHandleA
CreateFileA
GetFileInformationByHandle
CloseHandle
GetModuleHandleW
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
OutputDebugStringW
user32
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
CharUpperW
InflateRect
RegisterClipboardFormatW
RemoveMenu
wvsprintfW
PostThreadMessageW
DestroyIcon
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthW
GetDlgCtrlID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
LoadMenuW
OffsetRect
IntersectRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
CharNextW
LoadBitmapW
SetRect
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageW
GetCursorPos
LoadIconW
SendMessageW
AppendMenuW
GetSystemMenu
DrawIcon
GetClientRect
GetDlgItemInt
GetSystemMetrics
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageW
GetWindowTextW
GetWindowTextA
GetDesktopWindow
EnumChildWindows
EnumWindows
IsWindowVisible
GetParent
GetWindowLongW
GetWindowThreadProcessId
EnumDesktopWindows
MessageBoxW
OpenWindowStationW
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
MessageBeep
RegisterWindowMessageW
GetNextDlgGroupItem
SetProcessWindowStation
CloseWindowStation
IsIconic
EnableWindow
CloseDesktop
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
SetThreadDesktop
GetThreadDesktop
OpenDesktopW
OpenInputDesktop
GetUserObjectInformationW
GetProcessWindowStation
GetDialogBaseUnits
GetSysColorBrush
GetMenuStringW
DeleteMenu
InsertMenuW
GetMenuState
CopyAcceleratorTableW
PtInRect
GetClassNameW
WindowFromPoint
WaitMessage
ReleaseCapture
SetCapture
LoadCursorW
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
LoadStringW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
UpdateWindow
CheckRadioButton
GetMenuCheckMarkDimensions
CheckDlgButton
gdi32
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
SetWindowExtEx
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
SelectClipRgn
ExtTextOutW
Escape
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetRectRgn
CombineRgn
CreateRectRgnIndirect
CopyMetaFileW
CreateDCW
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocW
DeleteDC
GetObjectW
TextOutW
ScaleWindowExtEx
ExtTextOutA
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
SetBkColor
SetTextColor
GetClipBox
ExtCreatePen
CreateBitmap
GetDCOrgEx
comdlg32
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumValueW
RegSetValueExA
RegQueryValueExA
RegConnectRegistryW
RegEnumKeyW
RegQueryValueW
RegSetValueW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyW
GetUserNameW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
shell32
SHGetFileInfoW
DragQueryFileW
DragFinish
DragAcceptFiles
ExtractIconW
comctl32
ord17
oledlg
OleUIBusyW
ole32
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleDuplicateData
olepro32
ord253
oleaut32
SafeArrayDestroy
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromDate
VarDateFromStr
VarBstrFromCy
VarCyFromStr
SysAllocStringByteLen
SysStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
SafeArrayUnlock
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 452KB - Virtual size: 451KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ