c:\Temp\M_ShellE\MSEReg\Release.143\Win32\MSEReg.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: 0916b8b99f7a11f150b96aebddf9ec30N.exe, Resource: win7-20240729-en)
Behavioral task: behavioral2 (Sample: 0916b8b99f7a11f150b96aebddf9ec30N.exe, Resource: win10v2004-20240802-en)
General
- Target: 0916b8b99f7a11f150b96aebddf9ec30N.exe
- Size: 3.9MB
- MD5: 0916b8b99f7a11f150b96aebddf9ec30
- SHA1: 803270d01f20a6b007bfe2ee047ede68ffb3d111
- SHA256: d754e9b72f9854c40afccd0cf9c5348d16662e7d64d21c3706b70640eb9ee34f
- SHA512: dfc2729d2eb3fb4b5427bdcced7090cdfd71f1d1506a4676a25455872905f1ce75cf41de1acf6cea206eb2f3db669c732cae388be2abb954db2322fae0afdef4
- SSDEEP: 98304:UZBKG0cP9ue4FKidSVbRVKvZyrWLtwN6llZknUu0Vyd:UZI1I4hd4fYNl0Uu0V
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature. Resource: 0916b8b99f7a11f150b96aebddf9ec30N.exe
Files
- 0916b8b99f7a11f150b96aebddf9ec30N.exe.exe windows:6 windows x86 arch:x86 19eb04f4175037badd65e4b254c7a8eb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
gdiplus
GdipCreateLineBrushI
GdipCreateFromHDC
GdipDeleteGraphics
GdipCreateSolidFill
GdipFillRectangle
GdipFillRectangleI
GdipFillPie
GdipDeleteBrush
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipSetSmoothingMode
GdipAlloc
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipFree
GdipDrawImageRectI
GdipCreateBitmapFromStream
kernel32
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
FlsGetValue
FlsAlloc
GetConsoleMode
GetConsoleOutputCP
ExitProcess
GetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
SetStdHandle
HeapQueryInformation
UnhandledExceptionFilter
ReleaseSRWLockExclusive
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
PeekNamedPipe
GetFileInformationByHandle
GetFileType
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
FormatMessageA
RaiseException
OutputDebugStringW
SetUnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
GetCommandLineW
LocalUnlock
LocalLock
ReplaceFileW
GetTempFileNameW
SearchPathW
GetProfileIntW
GetTickCount64
FindResourceExW
lstrcpyW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GlobalFlags
GetAtomNameW
AcquireSRWLockExclusive
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LocalAlloc
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CompareStringA
GetCurrentThread
GetVersionExW
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetCurrentThreadId
EncodePointer
lstrcmpA
FindNextFileW
SystemTimeToFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
LoadLibraryA
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetCurrentProcessId
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
GetCurrentProcess
GetUserDefaultLCID
LCMapStringW
GetACP
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
GetComputerNameW
CopyFileW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetWindowsDirectoryW
GetSystemDirectoryW
GetTickCount
GetSystemInfo
GlobalMemoryStatusEx
OpenProcess
CreateProcessW
Sleep
CreateMutexW
GetLastError
CloseHandle
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
GetVolumeInformationW
GetShortPathNameW
GetLongPathNameW
GetLogicalDrives
GetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceW
CreateDirectoryW
GetCurrentDirectoryW
VerSetConditionMask
FindResourceW
SizeofResource
LockResource
LoadResource
FlsSetValue
FlsFree
IsThreadAFiber
WriteConsoleW
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
SetFilePointerEx
GetTimeZoneInformation
SetCurrentDirectoryW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
GetCommandLineA
user32
KillTimer
SetTimer
GetAsyncKeyState
CopyImage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
NotifyWinEvent
DrawFocusRect
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
LoadMenuW
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetTabbedTextExtentW
IsZoomed
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
WindowFromPoint
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
RegisterClipboardFormatW
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
IntersectRect
UnhookWindowsHookEx
CharUpperW
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongW
MessageBoxW
IsWindowEnabled
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetSysColor
FillRect
CopyRect
InflateRect
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
GetWindowTextLengthW
AppendMenuW
GetSystemMenu
EnableWindow
BringWindowToTop
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
LoadImageW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetDialogBaseUnits
DeleteMenu
WaitMessage
SetCapture
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
TrackMouseEvent
SetParent
GetKeyNameTextW
MapVirtualKeyW
UnionRect
ValidateRect
SetLayeredWindowAttributes
DestroyCursor
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
wsprintfW
PeekMessageW
SendMessageW
IsWindow
IsWindowVisible
IsIconic
GetSystemMetrics
DrawIcon
SetForegroundWindow
GetDC
ReleaseDC
InvalidateRect
GetWindowTextW
GetClientRect
GetWindowRect
MessageBeep
SetRect
SetRectEmpty
OffsetRect
IsRectEmpty
GetDesktopWindow
FindWindowW
EnumWindows
GetClassNameW
LoadBitmapW
LoadIconW
DestroyIcon
DrawIconEx
SystemParametersInfoW
PostMessageW
DrawMenuBar
EnumChildWindows
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
ModifyMenuW
GetMenuDefaultItem
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageW
LockWindowUpdate
GetDCEx
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
DrawEdge
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
EnumDisplayMonitors
gdi32
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
CopyMetaFileW
CreateDCW
CreateBitmap
CreateDIBPatternBrushPt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
CreateEnhMetaFileW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextAlign
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreateFontW
GetCharWidthW
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
Polyline
CreateRoundRectRgn
LPtoDP
OffsetRgn
GetCurrentObject
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextFaceW
CloseEnhMetaFile
Rectangle
GetStockObject
GetMetaFileW
GetDeviceCaps
DeleteMetaFile
CreateMetaFileW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CloseMetaFile
BitBlt
Polygon
RoundRect
ExtTextOutW
DeleteEnhMetaFile
Ellipse
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
SetFileSecurityW
GetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegSetValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetUserNameW
shell32
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetFolderPathW
SHBrowseForFolderW
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHAddToRecentDocs
ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderLocation
ExtractIconW
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathRemoveFileSpecW
UrlUnescapeW
StrFormatKBSizeW
PathRemoveExtensionW
PathStripToRootW
uxtheme
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText
GetThemeSysColor
ole32
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleSaveToStream
OleInitialize
CoFreeUnusedLibraries
OleRun
CreateILockBytesOnHGlobal
OleSave
OleLoad
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleCreate
CreateItemMoniker
CreateGenericComposite
CoGetMalloc
GetHGlobalFromILockBytes
WriteClassStm
OleRegEnumVerbs
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateFileMoniker
StgIsStorageFile
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleIsRunning
StgOpenStorage
StgCreateDocfile
OleLockRunning
OleSetMenuDescriptor
PropVariantCopy
OleSetContainedObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleQueryCreateFromData
OleUninitialize
CreateStreamOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleQueryLinkFromData
oleaut32
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayGetElemsize
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
SafeArrayDestroyDescriptor
VarDecFromStr
OleCreateFontIndirect
SafeArrayCreate
SafeArrayAllocData
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayPtrOfIndex
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SafeArrayAllocDescriptor
SafeArrayDestroyData
VarBstrFromDec
SysFreeString
VariantTimeToSystemTime
oledlg
OleUIBusyW
mpr
WNetGetConnectionW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
wininet
InternetErrorDlg
InternetGetCookieW
InternetSetCookieW
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
GopherGetAttributeW
GopherOpenFileW
GopherFindFirstFileW
GopherCreateLocatorW
FtpCommandW
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryW
FtpRemoveDirectoryW
FtpCreateDirectoryW
FtpOpenFileW
FtpRenameFileW
FtpDeleteFileW
FtpPutFileW
FtpGetFileW
FtpFindFirstFileW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryOptionW
InternetFindNextFileW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 677KB - Virtual size: 677KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fptable Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ