Static task: static1
Behavioral task: behavioral1
  Sample: c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1.exe
  Resource: win10v2004-20240802-en
General
Target: c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1
Size: 4.0MB
MD5: 5578ea9683abd6aeb5d99cf945cfb3c6
SHA1: b2ce38f752846aafeea85db36dacf8fcec3eefea
SHA256: c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1
SHA512: 6c747fdb8a0497a1b88904a1ea3b7606e4ef4ba9ac64fdcff63397b7b93676c411281ea41c69fc2f6c7b9aceefacc8f202c3ea73dd4cd996184b0eb678ae72af
SSDEEP: 24576:PgeOx3GGQOQpI9XorJEFSvPGETt1Jc1rapznGcZUZ2dOAApahCKET8kbGKNm:PgNx3GG8p6bFyZtDctaZnGk/OF1KE/m
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1
Files
c85f22294ef8ffe7cf2808f9fb55756490c3f15728eaf2aeadf89e1323d232e1.exe windows:4 windows x86 arch:x86
f20e75417a243f78354447d239926859
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
lstrlenA
GetProfileStringA
MultiByteToWideChar
CloseHandle
GetLastError
CreateMutexA
GetModuleFileNameA
CreateDirectoryA
lstrcmpA
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
Process32Next
Process32First
CreateToolhelp32Snapshot
CopyFileA
GetEnvironmentVariableA
DeleteFileA
WaitForSingleObject
WriteFile
CreateFileA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
WinExec
lstrcatA
GetProcAddress
MulDiv
lstrcpynA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FindResourceA
IsBadStringPtrW
IsBadStringPtrA
IsBadWritePtr
IsBadReadPtr
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
FreeResource
LockResource
LoadResource
SetThreadPriority
GetThreadPriority
ResumeThread
SuspendThread
SetLastError
GetCurrentThread
SetEvent
CreateEventA
GlobalFree
FindClose
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateSemaphoreA
ReleaseSemaphore
ReleaseMutex
WaitForMultipleObjects
PulseEvent
ResetEvent
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DuplicateHandle
GetCurrentProcess
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
VirtualProtect
GetProfileIntA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetPrivateProfileIntA
GlobalFlags
GetCPInfo
GetOEMCP
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
SizeofResource
OutputDebugStringA
SetErrorMode
FindResourceExA
GetTempFileNameA
GetDiskFreeSpaceA
lstrlenW
lstrcpyA
GlobalSize
lstrcpyW
RtlUnwind
DebugBreak
GetStdHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
HeapValidate
RaiseException
TerminateProcess
CreateThread
ExitThread
GetACP
SetConsoleCtrlHandler
FatalAppExitA
LCMapStringA
LCMapStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
HeapAlloc
HeapReAlloc
VirtualAlloc
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
user32
SetClipboardData
IsRectEmpty
RegisterWindowMessageA
PostMessageA
IsWindow
SendMessageA
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetDesktopWindow
GetWindowRect
GetWindowTextA
IsWindowVisible
GetClassNameA
FindWindowExA
GetWindow
MessageBoxA
FindWindowA
ShowWindow
GetSysColor
DrawFocusRect
SetWindowsHookExA
CreateWindowExA
GetDlgCtrlID
DestroyWindow
GetKeyState
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
InSendMessage
RegisterClipboardFormatA
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
GetWindowThreadProcessId
WaitMessage
UnpackDDElParam
GetClipboardFormatNameA
SetCursorPos
GetAsyncKeyState
CharUpperA
MsgWaitForMultipleObjects
wvsprintfA
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
CheckMenuRadioItem
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
RemoveMenu
ModifyMenuA
InsertMenuA
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextA
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
EmptyClipboard
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
InflateRect
SetRectEmpty
SetRect
PtInRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
OpenIcon
CloseWindow
PostThreadMessageA
MapDialogRect
TrackPopupMenuEx
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
SetCapture
GetActiveWindow
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
wsprintfA
UnregisterClassA
DefDlgProcA
IsWindowUnicode
WinHelpA
GetSubMenu
FillRect
ReleaseDC
CreateIconIndirect
GetDC
GetIconInfo
LoadImageA
GetUpdateRgn
GetUpdateRect
UpdateWindow
GetWindowDC
EndPaint
BeginPaint
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
IsZoomed
HiliteMenuItem
GetSystemMenu
DrawMenuBar
GetTopWindow
LoadBitmapA
UnregisterHotKey
GetSystemMetrics
GetCursorPos
DestroyMenu
DestroyCursor
DestroyIcon
FrameRect
SetCursor
SetMenu
GetMenu
EnableWindow
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
IsChild
GetParent
GetCapture
LoadMenuA
SetWindowLongA
MessageBeep
GetMessagePos
CopyIcon
LoadCursorA
DefWindowProcA
GetClassInfoA
GetWindowLongA
SystemParametersInfoA
ReleaseCapture
GetFocus
CharToOemA
OemToCharA
TabbedTextOutA
LoadStringA
PostQuitMessage
PeekMessageA
GetWindowPlacement
IsIconic
IntersectRect
OffsetRect
SetWindowPos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
GetWindowContextHelpId
CallNextHookEx
RegisterClassA
gdi32
SetBkColor
GetTextExtentPointA
DeleteMetaFile
CopyMetaFileA
EnumFontFamiliesExA
StretchDIBits
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
GetOutlineTextMetricsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
GetTextExtentPoint32A
TextOutA
ExtFloodFill
FloodFill
StretchBlt
PatBlt
RoundRect
Rectangle
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
PaintRgn
InvertRgn
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
CreateICA
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetClipBox
GetDCOrgEx
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateDCA
GetDeviceCaps
CreateDIBSection
GetObjectA
GetPixel
SetPixel
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
CreateDIBitmap
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
comdlg32
GetSaveFileNameA
GetOpenFileNameA
PageSetupDlgA
ChooseColorA
CommDlgExtendedError
PrintDlgA
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegCloseKey
RegQueryValueA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ShellExecuteExA
SHFileOperationA
ShellExecuteA
SHGetSpecialFolderPathA
ExtractIconA
comctl32
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_Add
ImageList_GetImageCount
ord14
ImageList_Write
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord13
ord8
ord17
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_DragEnter
ImageList_DragLeave
ImageList_SetImageCount
ImageList_Copy
ImageList_DrawIndirect
ImageList_Duplicate
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_AddMasked
oledlg
ord8
ord3
ord7
ord9
ord5
ord4
ord6
ole32
OleSetMenuDescriptor
DoDragDrop
OleRegEnumVerbs
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
OleGetClipboard
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleQueryLinkFromData
OleQueryCreateFromData
OleIsRunning
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
StgIsStorageILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
CreateStreamOnHGlobal
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
WriteFmtUserTypeStg
CoTreatAsClass
olepro32
ord253
oleaut32
VarCyFromStr
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
DosDateTimeToVariantTime
SysStringLen
LoadTypeLi
urlmon
URLDownloadToFileA
gdiplus
GdipCloneBrush
GdipDeleteBrush
GdipFree
GdipGetImageWidth
GdipGetImageHeight
GdipAlloc
GdipSetSolidFillColor
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDrawString
GdipDrawImage
GdipDrawImageRectRect
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateFont
GdipCreateSolidFill
GdipDeleteFont
winmm
PlaySoundA
unrar
RAROpenArchiveEx
RARProcessFile
RARCloseArchive
RARReadHeader
RARReadHeaderEx
Sections
.text   Size: 2.2MB - Virtual size: 2.2MB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata  Size: 164KB - Virtual size: 161KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 88KB - Virtual size: 106KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata  Size: 28KB - Virtual size: 24KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.3MB - Virtual size: 1.3MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 172KB - Virtual size: 172KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE