Static task
static1
Behavioral task
behavioral1
Sample
37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35.exe
Resource
win10v2004-20240802-en
General
-
Target
37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35
-
Size
41KB
-
MD5
f5dfeebed2a8381c315997c63c66d52b
-
SHA1
ab8b7cc7f093de304e75a85b5ead06080940dd87
-
SHA256
37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35
-
SHA512
95a016f660504d3cd17bb04163fd1a01cb7e034fb7cfc7970a547f20b9d7d1764937307befe1893197e2bdd7344e781a2a343e3595fa6ad308ed3995a91d1b14
-
SSDEEP
768:Bm/Z6XKJhwU/tH70am0aNyBMS0vrXl4kt5d/SB:Bm/Hn/tHDCNiMSYGB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
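Static check for a missing Authenticode signature: the PE listed below is unsigned, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many legitimate executables are also unsigned.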
resource 37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35
Files
-
37814d0af40ea71d762bdb16620500d68d0510356376e27a4c3982915cae6b35.exe windows:4 windows x86 arch:x86
d8e3815a82a2380573107fc688623415
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
rtl100.bpl
@System@initialization$qqrv
@System@Finalization$qqrv
@System@RegisterModule$qqrp17System@TLibModule
@System@@FinalizeArray$qqrpvt1ui
@System@@WStrAddRef$qqrr17System@WideString
@System@@WStrCopy$qqrx17System@WideStringii
@System@@WStrCmp$qqrv
@System@@WStrLen$qqrx17System@WideString
@System@@WStrFromLStr$qqrr17System@WideStringx17System@AnsiString
@System@@WStrLAsg$qqrr17System@WideStringx17System@WideString
@System@@WStrAsg$qqrr17System@WideStringx17System@WideString
@System@@WStrArrayClr$qqrpvi
@System@@WStrClr$qqrpv
@System@@LStrToPChar$qqrx17System@AnsiString
@System@@LStrLen$qqrx17System@AnsiString
@System@@LStrFromWStr$qqrr17System@AnsiStringx17System@WideString
@System@@LStrArrayClr$qqrpvi
@System@@LStrClr$qqrpv
@System@@Halt0$qqrv
@System@@StartExe$qqrp23System@PackageInfoTablep17System@TLibModule
@System@@HandleFinally$qqrv
@System@TObject@Dispatch$qqrpv
@System@@CallDynaInst$qqrv
@System@TObject@Free$qqrv
@System@TObject@$bctr$qqrv
@System@TObject@FreeInstance$qqrv
@System@TObject@NewInstance$qqrp17System@TMetaClass
@$xp$14System@Variant
@$xp$17System@WideString
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@Date$qqrv
@Sysutils@DecodeDate$qqrx16System@TDateTimerust2t2
@Sysutils@StrToInt$qqrx17System@AnsiString
@Sysutils@IntToStr$qqri
@Helpintfs@initialization$qqrv
@Helpintfs@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TComponent@UpdateRegistry$qqrp17System@TMetaClassox17System@AnsiStringt3
@Classes@TComponent@SafeCallException$qqrp14System@TObjectpv
@Classes@TComponent@WriteState$qqrp15Classes@TWriter
@Classes@TPersistent@Assign$qqrp19Classes@TPersistent
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Variants@VarArrayOf$qqrpx14System@Variantxi
@Variants@@VarFromInt$qqrr8TVarDataxixzc
@Variants@@VarClr$qqrr8TVarData
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Multimon@initialization$qqrv
@Multimon@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Uxtheme@initialization$qqrv
@Uxtheme@Finalization$qqrv
@Dwmapi@initialization$qqrv
@Dwmapi@Finalization$qqrv
@Flatsb@initialization$qqrv
@Flatsb@Finalization$qqrv
@Widestrings@initialization$qqrv
@Widestrings@Finalization$qqrv
@Widestrings@TWideStrings@SetCommaText$qqrx17System@WideString
@Widestrings@TWideStringList@
@Comobj@initialization$qqrv
@Comobj@Finalization$qqrv
@Mapi@initialization$qqrv
@Mapi@Finalization$qqrv
kernel32
GetModuleHandleA
GetCurrentProcessId
FreeLibrary
user32
SendMessageA
vcl100.bpl
@Forms@initialization$qqrv
@Forms@Finalization$qqrv
@Forms@TApplicationHelper@SetMainFormOnTaskBar$qqrxo
@Forms@TApplication@Run$qqrv
@Forms@TApplication@CreateForm$qqrp17System@TMetaClasspv
@Forms@TApplication@Initialize$qqrv
@Forms@TCustomForm@QueryInterface$qqsrx5_GUIDpv
@Forms@TCustomForm@RequestAlign$qqrv
@Forms@TCustomForm@ShowModal$qqrv
@Forms@TCustomForm@SetFocus$qqrv
@Forms@TCustomForm@CloseQuery$qqrv
@Forms@TCustomForm@Close$qqrv
@Forms@TCustomForm@Resizing$qqr18Forms@TWindowState
@Forms@TCustomForm@PaintWindow$qqrui
@Forms@TCustomForm@SetFocusedControl$qqrp20Controls@TWinControl
@Forms@TCustomForm@DestroyHandle$qqrv
@Forms@TCustomForm@CreateWnd$qqrv
@Forms@TCustomForm@CreateParams$qqrr22Controls@TCreateParams
@Forms@TCustomForm@AlignControls$qqrp17Controls@TControlr11Types@TRect
@Forms@TCustomForm@WndProc$qqrr17Messages@TMessage
@Forms@TCustomForm@ValidateRename$qqrp18Classes@TComponentx17System@AnsiStringt2
@Forms@TCustomForm@SetParent$qqrp20Controls@TWinControl
@Forms@TCustomForm@WantChildKey$qqrp17Controls@TControlr17Messages@TMessage
@Forms@TCustomForm@SetParentBiDiMode$qqro
@Forms@TCustomForm@GetFloating$qqrv
@Forms@TCustomForm@GetClientRect$qqrv
@Forms@TCustomForm@ReadState$qqrp15Classes@TReader
@Forms@TCustomForm@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Forms@TCustomForm@DoDestroy$qqrv
@Forms@TCustomForm@DoCreate$qqrv
@Forms@TCustomForm@$bdtr$qqrv
@Forms@TCustomForm@BeforeDestruction$qqrv
@Forms@TCustomForm@$bctr$qqrp18Classes@TComponenti
@Forms@TCustomForm@AfterConstruction$qqrv
@Forms@TScrollingWinControl@AdjustClientRect$qqrr11Types@TRect
@Forms@TScrollingWinControl@AutoScrollInView$qqrp17Controls@TControl
@Forms@TScrollingWinControl@AutoScrollEnabled$qqrv
@Forms@Application
@Actnlist@initialization$qqrv
@Actnlist@Finalization$qqrv
@Graphics@initialization$qqrv
@Graphics@Finalization$qqrv
@Themes@initialization$qqrv
@Themes@Finalization$qqrv
@Controls@initialization$qqrv
@Controls@Finalization$qqrv
@Controls@TWinControl@UpdateControlOriginalParentSize$qqrp17Controls@TControlr12Types@TPoint
@Controls@TWinControl@DockReplaceDockClient$qqrp17Controls@TControlp20Controls@TWinControlt115Controls@TAlignt1
@Controls@TWinControl@SetParentBackground$qqro
@Controls@TWinControl@CanAutoSize$qqrrit1
@Controls@TWinControl@AssignTo$qqrp19Classes@TPersistent
@Controls@TWinControl@ConstrainedResize$qqrrit1t1t1
@Controls@TWinControl@CanResize$qqrrit1
@Controls@TWinControl@GetClientOrigin$qqrv
@Controls@TWinControl@GetControlExtents$qqrv
@Controls@TWinControl@GetHandle$qqrv
@Controls@TWinControl@Repaint$qqrv
@Controls@TWinControl@Update$qqrv
@Controls@TWinControl@Invalidate$qqrv
@Controls@TWinControl@GetDeviceContext$qqrrui
@Controls@TWinControl@ShowControl$qqrp17Controls@TControl
@Controls@TWinControl@SetBounds$qqriiii
@Controls@TWinControl@CustomAlignPosition$qqrp17Controls@TControlrit2t2t2r11Types@TRectrx19Controls@TAlignInfo
@Controls@TWinControl@CustomAlignInsertBefore$qqrp17Controls@TControlt1
@Controls@TWinControl@CreateHandle$qqrv
@Controls@TWinControl@DestroyWnd$qqrv
@Controls@TControl@InitiateAction$qqrv
@Controls@TControl@GetFloatingDockSiteClass$qqrv
@Controls@TControl@SetBiDiMode$qqr17Classes@TBiDiMode
@Controls@TControl@SetEnabled$qqro
@Controls@TControl@SetVisible$qqro
@Controls@TControl@SetName$qqrx17System@AnsiString
@Controls@TControl@SetAutoSize$qqro
@Controls@TControl@SetDragMode$qqr18Controls@TDragMode
@Controls@TControl@GetAction$qqrv
@Controls@TControl@GetEnabled$qqrv
@Controls@TControl@GetDragImages$qqrv
@Menus@initialization$qqrv
@Menus@Finalization$qqrv
@Dialogs@initialization$qqrv
@Dialogs@Finalization$qqrv
@Printers@initialization$qqrv
@Printers@Finalization$qqrv
@Extctrls@initialization$qqrv
@Extctrls@Finalization$qqrv
@Graphutil@initialization$qqrv
@Graphutil@Finalization$qqrv
@Clipbrd@initialization$qqrv
@Clipbrd@Finalization$qqrv
@Buttons@initialization$qqrv
@Buttons@Finalization$qqrv
@Comctrls@initialization$qqrv
@Comctrls@Finalization$qqrv
@Extactns@initialization$qqrv
@Extactns@Finalization$qqrv
@Extdlgs@initialization$qqrv
@Extdlgs@Finalization$qqrv
@Olectrls@initialization$qqrv
@Olectrls@Finalization$qqrv
@Axctrls@initialization$qqrv
@Axctrls@Finalization$qqrv
@Oleserver@initialization$qqrv
@Oleserver@Finalization$qqrv
@Olectnrs@initialization$qqrv
@Olectnrs@Finalization$qqrv
sactunicodevcl.bpl
@Tntsystem@initialization$qqrv
@Tntsystem@Finalization$qqrv
@Tntsystem@WideParamStr$qqri
@Tntsysutils@initialization$qqrv
@Tntsysutils@Finalization$qqrv
@Tntclasses@initialization$qqrv
@Tntclasses@Finalization$qqrv
@Tntwindows@initialization$qqrv
@Tntwindows@Finalization$qqrv
@Md5@initialization$qqrv
@Md5@Finalization$qqrv
@Tntinifiles@initialization$qqrv
@Tntinifiles@Finalization$qqrv
@Tntforms@initialization$qqrv
@Tntforms@Finalization$qqrv
@Tntforms@TTntForm@UpdateActions$qqrv
@Tntforms@TTntForm@Loaded$qqrv
@Tntforms@TTntForm@SetCaption$qqrx17System@WideString
@Tntforms@TTntForm@DefaultHandler$qqrpv
@Tntforms@TTntForm@DefineProperties$qqrp14Classes@TFiler
@Tntforms@TTntForm@DestroyWindowHandle$qqrv
@Tntforms@TTntForm@CreateWindowHandle$qqrrx22Controls@TCreateParams
@Tntforms@TTntForm@$bctr$qqrp18Classes@TComponent
@$xp$17Tntforms@TTntForm
@Tntforms@TTntForm@
@Tntcontrols@initialization$qqrv
@Tntcontrols@Finalization$qqrv
@Tntmenus@initialization$qqrv
@Tntmenus@Finalization$qqrv
@Tntdialogs@initialization$qqrv
@Tntdialogs@Finalization$qqrv
@Tntstdctrls@TTntCustomLabel@SetCaption$qqrx17System@WideString
@Tntstdctrls@TTntCustomEdit@GetText$qqrv
@Tntstdctrls@TTntCustomEdit@SetPasswordChar$qqrxb
@Tntcomctrls@initialization$qqrv
@Tntcomctrls@Finalization$qqrv
@Sactprinters@initialization$qqrv
@Sactprinters@Finalization$qqrv
@Tntclipbrd@initialization$qqrv
@Tntclipbrd@Finalization$qqrv
@Tntdbgrids@initialization$qqrv
@Tntdbgrids@Finalization$qqrv
sactctrls.bpl
@Sactfunctions@initialization$qqrv
@Sactfunctions@Finalization$qqrv
@Sactfunctions@HyBase64Decode$qqrx17System@AnsiStringt1
@Sactfunctions@SActFileExists$qqrx17System@WideString
@Sactfunctions@SActShowMessageW$qqrx17System@WideStringt1t1i19Dialogs@TMsgDlgType
@Sactfunctions@WideStringToUTF8$qqrx17System@WideString
@Sactfunctions@IconLoadFromFile$qqrp14Graphics@TIcon17System@WideString
@Sactfunctions@SActApplicationTerminate$qqrv
@Sactgetopenedfilelist@initialization$qqrv
@Sactgetopenedfilelist@Finalization$qqrv
@Sactshowmessage@initialization$qqrv
@Sactshowmessage@Finalization$qqrv
@Sactpanelu@initialization$qqrv
@Sactpanelu@Finalization$qqrv
@Sactpanelu@TSActBitBtn@
@Sactpanelu@TSActLabel@
@Sactpanelu@TSActCEdit@
@Sactpanelu@TSActTimer@
@Runingproclist@ProcessFileNameW$qqrui
@Big5gb@initialization$qqrv
@Big5gb@Finalization$qqrv
@Sactcalendar@initialization$qqrv
@Sactcalendar@Finalization$qqrv
@Sactfunctionsunit@initialization$qqrv
@Sactfunctionsunit@Finalization$qqrv
@Sactmemtable@initialization$qqrv
@Sactmemtable@Finalization$qqrv
@Webclientsocket@initialization$qqrv
@Webclientsocket@Finalization$qqrv
@Httpserver@initialization$qqrv
@Httpserver@Finalization$qqrv
@Webreg@initialization$qqrv
@Webreg@Finalization$qqrv
@Webreg@_CEO_OTPTable
@Sactotp@OTPSecretMD5Str$qqr17System@AnsiString
@Sactotp@CalculateOTPStr$qqrx17System@AnsiStringxi
@Threadcpuid@initialization$qqrv
@Threadcpuid@Finalization$qqrv
@Sactdbgridu@initialization$qqrv
@Sactdbgridu@Finalization$qqrv
@Activexfunctions@initialization$qqrv
@Activexfunctions@Finalization$qqrv
@Iphlpapi@initialization$qqrv
@Iphlpapi@Finalization$qqrv
@Sactdatatran@initialization$qqrv
@Sactdatatran@Finalization$qqrv
@Touchinput@initialization$qqrv
@Touchinput@Finalization$qqrv
sactqr.bpl
@Qrprev@initialization$qqrv
@Qrprev@Finalization$qqrv
@Qrextra@initialization$qqrv
@Qrextra@Finalization$qqrv
@Qrexpr@initialization$qqrv
@Qrexpr@Finalization$qqrv
@Quickrpt@initialization$qqrv
@Quickrpt@Finalization$qqrv
@Qrprntr@initialization$qqrv
@Qrprntr@Finalization$qqrv
@Qrctrls@initialization$qqrv
@Qrctrls@Finalization$qqrv
@Pdfobjs@initialization$qqrv
@Pdfobjs@Finalization$qqrv
@Pdfconst@initialization$qqrv
@Pdfconst@Finalization$qqrv
@Widelist@initialization$qqrv
@Widelist@Finalization$qqrv
@Qrpdffilt@initialization$qqrv
@Qrpdffilt@Finalization$qqrv
@Qrexport@initialization$qqrv
@Qrexport@Finalization$qqrv
@Qrwebfilt@initialization$qqrv
@Qrwebfilt@Finalization$qqrv
@Qrmbctrls@initialization$qqrv
@Qrmbctrls@Finalization$qqrv
@Qrprnsu@initialization$qqrv
@Qrprnsu@Finalization$qqrv
sactz.bpl
@Sactzlib@initialization$qqrv
@Sactzlib@Finalization$qqrv
sactdb.bpl
@Zlibpas@initialization$qqrv
@Zlibpas@Finalization$qqrv
@Dbisamtb@initialization$qqrv
@Dbisamtb@Finalization$qqrv
vclx100.bpl
@Checklst@initialization$qqrv
@Checklst@Finalization$qqrv
vcldb100.bpl
@Dbctrls@initialization$qqrv
@Dbctrls@Finalization$qqrv
@Dbpwdlg@initialization$qqrv
@Dbpwdlg@Finalization$qqrv
@Dblogdlg@initialization$qqrv
@Dblogdlg@Finalization$qqrv
dbrtl100.bpl
@Db@initialization$qqrv
@Db@Finalization$qqrv
@Db@TDataSet@FieldByName$qqrx17System@WideString
@Fmtbcd@initialization$qqrv
@Fmtbcd@Finalization$qqrv
@Sqltimst@initialization$qqrv
@Sqltimst@Finalization$qqrv
bdertl100.bpl
@Dbtables@initialization$qqrv
@Dbtables@Finalization$qqrv
vcljpg100.bpl
@Jpeg@initialization$qqrv
@Jpeg@Finalization$qqrv
sactpdf.bpl
@Vpdfdoc@initialization$qqrv
@Vpdfdoc@Finalization$qqrv
@Vpdfbarcode@initialization$qqrv
@Vpdfbarcode@Finalization$qqrv
@Vpdftypes@initialization$qqrv
@Vpdftypes@Finalization$qqrv
@Vpdftiff@initialization$qqrv
@Vpdftiff@Finalization$qqrv
@Vpdfdata@initialization$qqrv
@Vpdfdata@Finalization$qqrv
indycore100.bpl
@Idthread@initialization$qqrv
@Idthread@Finalization$qqrv
@Idiohandlerstack@initialization$qqrv
@Idiohandlerstack@Finalization$qqrv
@Idiohandler@initialization$qqrv
@Idiohandler@Finalization$qqrv
indysystem100.bpl
@Idglobal@initialization$qqrv
@Idglobal@Finalization$qqrv
@Idstack@initialization$qqrv
@Idstack@Finalization$qqrv
@Idwinsock2@initialization$qqrv
@Idwinsock2@Finalization$qqrv
@Idwship6@initialization$qqrv
@Idwship6@Finalization$qqrv
@Idstackwindows@initialization$qqrv
@Idstackwindows@Finalization$qqrv
@Idcomponent@initialization$qqrv
@Idcomponent@Finalization$qqrv
indyprotocols100.bpl
@Idglobalprotocols@initialization$qqrv
@Idglobalprotocols@Finalization$qqrv
@Idcharsets@initialization$qqrv
@Idcharsets@Finalization$qqrv
@Idcustomhttpserver@initialization$qqrv
@Idcustomhttpserver@Finalization$qqrv
@Idauthentication@initialization$qqrv
@Idauthentication@Finalization$qqrv
@Idcodermime@initialization$qqrv
@Idcodermime@Finalization$qqrv
@Idsslopenssl@initialization$qqrv
@Idsslopenssl@Finalization$qqrv
@Idssl@initialization$qqrv
@Idssl@Finalization$qqrv
@Idsslopensslheaders@initialization$qqrv
@Idsslopensslheaders@Finalization$qqrv
@Idhmacsha1@initialization$qqrv
@Idhmacsha1@Finalization$qqrv
@Idhmac@initialization$qqrv
@Idhmac@Finalization$qqrv
tee7100.bpl
@Chart@initialization$qqrv
@Chart@Finalization$qqrv
@Tecanvas@initialization$qqrv
@Tecanvas@Finalization$qqrv
@Teeconst@initialization$qqrv
@Teeconst@Finalization$qqrv
@Teehtml@initialization$qqrv
@Teehtml@Finalization$qqrv
@Teengine@initialization$qqrv
@Teengine@Finalization$qqrv
@Teeprocs@initialization$qqrv
@Teeprocs@Finalization$qqrv
adortl100.bpl
@Adodb@initialization$qqrv
@Adodb@Finalization$qqrv
xmlrtl100.bpl
@Xmlintf@initialization$qqrv
@Xmlintf@Finalization$qqrv
@Xmldom@initialization$qqrv
@Xmldom@Finalization$qqrv
@Msxmldom@initialization$qqrv
@Msxmldom@Finalization$qqrv
@Xmldoc@initialization$qqrv
@Xmldoc@Finalization$qqrv
@Xmlschema@initialization$qqrv
@Xmlschema@Finalization$qqrv
@Xmlschematags@initialization$qqrv
@Xmlschematags@Finalization$qqrv
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ