Static task: static1
Behavioral task: behavioral1
Sample: 3c7db61b397a28897ade5d4beaa84af510207cd5ff1b17feb6e82c5f3c2df71e.exe
Resource: win7-20240903-en
General
Target: 3c7db61b397a28897ade5d4beaa84af510207cd5ff1b17feb6e82c5f3c2df71e
Size: 2.9MB
MD5: ffc6e86b94a45cd05eb5b249209970bd
SHA1: a6d5a4334aa337a5e578292a64e70741b0ae0657
SHA256: 3c7db61b397a28897ade5d4beaa84af510207cd5ff1b17feb6e82c5f3c2df71e
SHA512: 3ac6111b09c836d54a4bdd574f773bc07f584b2f3bffad10a4694add715796eab8acc473972ecaa0348d4987a4a5056e2b0b5b117adb2ae6d66a2198216a5b09
SSDEEP: 49152:U1AQHSED94jNTvu4OjPlH8h6dd3memJ8UJQ9Od8PATX+8qbyyuF7DiyanYgaxxlW:SAQHSER4jNzcjtchGd3mem94EQH
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Processes:
resource 3c7db61b397a28897ade5d4beaa84af510207cd5ff1b17feb6e82c5f3c2df71e
Files
3c7db61b397a28897ade5d4beaa84af510207cd5ff1b17feb6e82c5f3c2df71e.exe windows:0 windows x86 arch:x86
1e5a4769bafbf8d68687235e0a241fea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
gdi32
ChoosePixelFormat
CombineRgn
CreateCompatibleBitmap
CreateICW
CreatePen
EndGdiRendering
EndPage
EngDeleteClip
EngQueryEMFInfo
EngStretchBltROP
EngTransparentBlt
EngUnicodeToMultiByteN
FixBrushOrgEx
GdiConvertBitmapV5
GdiDeleteSpoolFileHandle
GdiFullscreenControl
GdiIsMetaPrintDC
GdiStartPageEMF
GetCharacterPlacementA
GetColorSpace
GetETM
GetEnhMetaFileW
GetFontRealizationInfo
GetICMProfileA
GetICMProfileW
GetMapMode
GetMiterLimit
GetOutlineTextMetricsW
GetROP2
GetTextExtentExPointW
GetTextExtentPointI
GetTextFaceA
MoveToEx
NamedEscape
OffsetClipRgn
OffsetRgn
PATHOBJ_bEnum
PATHOBJ_bEnumClipLines
PaintRgn
PlgBlt
PolyTextOutA
Polygon
QueryFontAssocStatus
RealizePalette
RemoveFontResourceA
ResetDCW
STROBJ_bEnum
STROBJ_dwGetCodePage
SelectClipPath
SelectFontLocal
SetDCPenColor
SetGraphicsMode
SetMetaFileBitsEx
SetRectRgn
SetTextCharacterExtra
kernel32
CloseThreadpoolTimer
CompareStringOrdinal
CreateDirectoryA
CreateDirectoryW
CreateHardLinkA
CreateMutexExW
CreateProcessA
CreateThreadpool
CreateTimerQueueTimer
CtrlRoutine
DeleteFileTransactedW
DeleteProcThreadAttributeList
DeleteTimerQueueTimer
EnumDateFormatsA
EnumResourceTypesExW
EnumTimeFormatsA
EnumUILanguagesA
ExitVDM
FileTimeToLocalFileTime
FindFirstFileExA
FindNextFileW
FlsSetValue
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCalendarDaysInMonth
GetCalendarInfoA
GetCalendarSupportedDateRange
GetConsoleAliasExesW
GetConsoleFontSize
GetConsoleOriginalTitleA
GetCurrencyFormatA
GetCurrentDirectoryW
GetDiskFreeSpaceExA
GetDllDirectoryW
GetEraNameCountedString
GetFileSizeEx
GetOverlappedResult
GetProcAddress
GetQueuedCompletionStatusEx
GetShortPathNameW
GetStringTypeA
GetSystemDefaultLocaleName
GetSystemPreferredUILanguages
GetTempPathW
GetTimeFormatW
GetTimeZoneInformationForYear
GetUserGeoID
GetVersionExW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
GetWriteWatch
GlobalFindAtomW
GlobalMemoryStatusEx
InterlockedPopEntrySList
IsBadHugeWritePtr
IsValidLocale
LZStart
LoadLibraryA
LockFile
MoveFileTransactedW
OpenMutexW
PostQueuedCompletionStatus
PrivMoveFileIdentityW
QueryDepthSList
QueryProcessAffinityUpdateMode
QueueUserWorkItem
ReadConsoleInputExA
ResetWriteWatch
ResolveLocaleName
SetCommState
SetComputerNameExW
SetConsoleTitleW
SetDefaultCommConfigA
SetDefaultCommConfigW
SetDefaultDllDirectories
SetDynamicTimeZoneInformation
SetEnvironmentStringsA
SetFileBandwidthReservation
SetNamedPipeAttribute
SetSearchPathMode
SetThreadpoolThreadMinimum
SetTimerQueueTimer
SetUnhandledExceptionFilter
SignalObjectAndWait
SleepConditionVariableCS
TryAcquireSRWLockShared
TzSpecificLocalTimeToSystemTimeEx
UnlockFile
WaitForMultipleObjectsEx
WerGetFlags
lstrlenW
msvcrt
_chgsign
_stricoll
_wcsnset
clock
fclose
feof
fgets
fputws
free
getc
isspace
iswalpha
malloc
mbtowc
memcpy
memset
rand
strcat
strcpy_s
strcspn
strerror
strlen
strrchr
swprintf_s
swscanf_s
ungetwc
shell32
AssocGetDetailsOfPropKey
DragQueryPoint
ExtractIconEx
GetCurrentProcessExplicitAppUserModelID
ILFree
IsNetDrive
PifMgr_CloseProperties
RestartDialog
SHBindToFolderIDListParentEx
SHBindToParent
SHCreateDirectoryExA
SHCreateItemInKnownFolder
SHCreateStdEnumFmtEtc
SHGetFolderPathAndSubDirW
SHGetKnownFolderIDList
SHGetKnownFolderItem
SHGetNewLinkInfo
SHGetNewLinkInfoA
SHGetSettings
SHSetFolderPathW
user32
AttachThreadInput
CallMsgFilterA
CascadeChildWindows
CharPrevW
CheckWindowThreadDesktop
CloseWindow
CreateSystemThreads
DefMDIChildProcA
DestroyCaret
DisplayConfigGetDeviceInfo
EnterReaderModeHelper
EnumDesktopWindows
GetAltTabInfoA
GetClassNameA
GetClassNameW
GetCursor
GetDialogBaseUnits
GetGuiResources
GetKBCodePage
GetLastInputInfo
GetMenuItemCount
GetWindow
GetWindowCompositionInfo
GetWindowDC
GetWindowLongA
GetWindowModuleFileName
IsCharUpperW
IsChild
LoadAcceleratorsA
LoadStringA
LoadStringW
MessageBeep
MessageBoxExW
PaintMenuBar
RegisterErrorReportingDialog
RegisterTasklist
RemoveClipboardFormatListener
ScreenToClient
SendMessageTimeoutA
SetGestureConfig
SetScrollPos
ShowSystemCursor
ShutdownBlockReasonDestroy
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UnregisterDeviceNotification
UnregisterPowerSettingNotification
WinHelpW
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 454KB - Virtual size: 453KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 946KB - Virtual size: 946KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
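Analyst note and added example (not part of the sandbox report, and not code from the sandbox vendor). Every field above can be reproduced without third-party tooling: the file characteristics, DLL characteristics and section flags are bit fields in the COFF, optional and section headers, and the "Unsigned PE" signature is simply the absence of a certificate table (data directory entry 4). A present table proves only that a signature blob exists, not that it is valid, so a "signed" result is a prompt for real verification, not a trust decision. The section raw sizes above sum to roughly the 2.9MB file size, so there is no meaningful overlay; the parser below makes that check explicit. Two caveats when reading the import list: the 32-hex-digit value under the file entry is not labelled by the page, and if it is an import hash, imphash is computed in import-table order, so the alphabetised listing above cannot reproduce it; and the list mixes APIs an ordinary application has no reason to call (gdi32 display-driver exports such as EngDeleteClip, PATHOBJ_bEnum and STROBJ_bEnum; kernel32 CtrlRoutine and ExitVDM; user32 CreateSystemThreads) with LoadLibraryA and GetProcAddress, which is the pattern of a padded import table whose real API set is resolved at run time. Static imports are low-signal for this sample and the behavioral task should carry the weight. The code is pure standard library; build_test_pe constructs a synthetic PE32 carrying this report's flag values purely as test input (it is not the sample), and imphash follows the standard pefile recipe.

```python
"""Pure-Python PE triage that reproduces the static fields a sandbox report prints:
file/DLL characteristics, section flags, the Authenticode directory ("Unsigned PE"),
overlay size, W^X sections and imphash. Added example, standard library only."""
import hashlib
import struct

FILE_CHARACTERISTICS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                        0x0200: "IMAGE_FILE_DEBUG_STRIPPED", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
                 0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
                 0x80000000: "IMAGE_SCN_MEM_WRITE"}
MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table; its first field is a file offset, not an RVA


def decode_flags(value, table):
    """Flag names in ascending bit order, which is the order the report lists them."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS, COFF, optional header and section table (PE32 and PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:    # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:  # PE32+: 8-byte stack/heap fields push them to +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dchar = struct.unpack_from("<H", data, opt + 70)[0]  # DllCharacteristics, same offset in both
    cert_off = cert_size = 0
    if struct.unpack_from("<I", data, ndirs_off)[0] > IMAGE_DIRECTORY_ENTRY_SECURITY:
        cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections, end_of_data = [], 0
    for i in range(nsec):
        name, vsize, _, rsize, rptr, _, _, _, _, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "vsize": vsize, "rsize": rsize, "flags": decode_flags(sflags, SECTION_FLAGS)})
        end_of_data = max(end_of_data, rptr + rsize)
    return {
        "arch": MACHINES.get(machine, "0x%x" % machine),
        "file_characteristics": decode_flags(fchar, FILE_CHARACTERISTICS),
        "dll_characteristics": decode_flags(dchar, DLL_CHARACTERISTICS),
        # The report's "Unsigned PE" check: no certificate table at all. A present
        # table only means a signature blob exists; validity needs a real verifier.
        "unsigned": cert_off == 0 or cert_size == 0,
        "sections": sections,
        "overlay": max(0, len(data) - end_of_data),  # bytes after the last section's raw data
        "rwx": [s["name"] for s in sections
                if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and "IMAGE_SCN_MEM_WRITE" in s["flags"]],
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def imphash(imports):
    """imphash over [(dll, name_or_ordinal)] in import-TABLE order: lower-case
    'dll.func' with .dll/.ocx/.sys stripped, ordinals as 'ordN', MD5 of the
    comma-joined list. Order matters, so an alphabetised report listing will
    not reproduce the hash computed from the binary."""
    parts = []
    for dll, func in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[:-len(ext)]
        parts.append(dll + "." + ("ord%d" % func if isinstance(func, int) else func.lower()))
    return hashlib.md5(",".join(parts).encode()).hexdigest()


def build_test_pe(signed=False, text_flags=0x60000020, overlay=b""):
    """Constructed PE32 (headers plus zeroed section data) carrying the flag values
    from the report. It is test input for parse_pe, not the analysed sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0002 | 0x0004 | 0x0100 | 0x0200)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x0040 | 0x0100)  # DYNAMIC_BASE | NX_COMPAT
    struct.pack_into("<I", opt, 92, 16)               # NumberOfRvaAndSizes
    if signed:  # certificate blob lives in the overlay, referenced by file offset
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x800, 0x100)
        overlay = b"\0" * 0x100 + overlay
    secs = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x200, 0x400, 0, 0, 0, 0, text_flags)
    secs += struct.pack("<8sIIIIIIHHI", b".idata", 0x100, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xC0000040)
    img = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs
    return img + b"\0" * (0x800 - len(img)) + overlay


if __name__ == "__main__":
    for key, val in parse_pe(build_test_pe()).items():
        print(key, val)
```

Run it as-is to see the synthetic image decoded into the same flag names the report prints; point parse_pe at the bytes of a real file to reproduce the Headers and Sections blocks, and feed imphash the import table in file order (for example from a disassembler's import view), not from a sorted listing.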