C:\Users\mikage\Documents\MyDevEnv\Projects\Win32\Artemis\Release\Artemis.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: WorldActor.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: WorldActor.exe
  Resource: win10v2004-20240802-en
General
Target: WorldActor.exe
Size: 4.9MB
MD5: 586b252df041d1a522266d07bbbcef29
SHA1: 8d0e4293fca632b07cdc2c36d4899ed5e3480a9f
SHA256: 38feda70823430350ae58086225ac4a983ab727bd68b4800c4bbeed285ea0123
SHA512: 7184d46b7ff52c542cb483395d68b6eb04c6088a9743893e17c70aca71a74aaaeff297be04adb851e29e397652f86d0b533ec927dd71f9607d263d11c3ed08b1
SSDEEP: 98304:bW3tdwB6NSEetkEr8LTcGW7qD2ktgpNce+uHwMu5Ms3:EtdwBcSEIYLTcG2qDmf+ZMY
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: WorldActor.exe
Files
WorldActor.exe.exe windows:5 windows x86 arch:x86
2a0a9210d20f9e8f5e386cdf0e416baa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetVersionExA
GetWindowsDirectoryW
MapViewOfFile
UnmapViewOfFile
SetEvent
CreateFileMappingA
OpenEventA
OpenFileMappingA
GetModuleFileNameA
CreateMutexA
GetLastError
Sleep
GetSystemTimeAsFileTime
lstrcmpiA
OutputDebugStringA
GetSystemInfo
GetFileSize
GetFullPathNameA
InterlockedCompareExchange
InitializeCriticalSection
SignalObjectAndWait
UnregisterWait
GetThreadPriority
SetEnvironmentVariableA
GetFileAttributesExW
WriteConsoleW
LoadLibraryW
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetTickCount
SetThreadPriority
CreateEventW
FreeLibraryAndExitThread
GetThreadTimes
SwitchToThread
ExitProcess
SetThreadAffinityMask
DeleteTimerQueueTimer
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
MoveFileExW
CreatePipe
GetExitCodeProcess
GetTimeZoneInformation
SetEndOfFile
SetStdHandle
SetFilePointer
GetCurrentProcessId
GetOEMCP
GetModuleFileNameW
GetSystemDirectoryW
FormatMessageA
WaitForSingleObject
FileTimeToLocalFileTime
CloseHandle
GetFileTime
SetCurrentDirectoryW
SetCurrentDirectoryA
CreateDirectoryA
CreateFileW
FileTimeToSystemTime
CreateDirectoryW
CreateFileA
GetModuleHandleA
GetACP
IsValidCodePage
ReadConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetStdHandle
HeapSize
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
LoadLibraryA
GetProcAddress
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
TlsGetValue
LoadLibraryExW
ExitThread
CreateThread
CreateTimerQueueTimer
CreateTimerQueue
InitializeCriticalSectionAndSpinCount
RaiseException
GetCPInfo
GetCommandLineA
CreateProcessA
DeleteFileW
GetModuleHandleW
GetFileType
SetFilePointerEx
ExpandEnvironmentStringsA
GlobalUnlock
GlobalAlloc
GlobalLock
GetProcessAffinityMask
AllocConsole
OutputDebugStringW
FreeLibrary
ReadFile
RtlUnwind
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
GetModuleHandleExW
AreFileApisANSI
GetTempPathA
HeapReAlloc
user32
EmptyClipboard
CloseClipboard
PostMessageA
IsZoomed
PostQuitMessage
GetRawInputDeviceList
FindWindowA
AdjustWindowRect
CallWindowProcA
CreateWindowExW
GetSysColorBrush
GetSysColor
GetRawInputDeviceInfoA
ReleaseDC
CreateWindowExA
GetWindowTextW
SetWindowLongA
OpenClipboard
SetPropA
GetDC
SendMessageA
SetFocus
GetClientRect
FillRect
GetWindowTextLengthW
DestroyWindow
ClientToScreen
BeginPaint
EndPaint
GetForegroundWindow
DispatchMessageA
ScreenToClient
MessageBoxA
LoadIconA
SetWindowTextW
SetClipboardData
IsIconic
ShowCursor
GetSystemMetrics
SetRect
RemovePropA
UnregisterClassA
LoadCursorA
RegisterClassA
GetPropA
GetWindowLongA
MoveWindow
PeekMessageA
GetAsyncKeyState
GetCursorPos
mouse_event
DefWindowProcA
GetWindowRect
GetMonitorInfoA
GetWindowPlacement
SetWindowPos
MonitorFromRect
GetMessageA
TranslateMessage
ShowWindow
gdi32
DeleteDC
SetBkMode
SetBkColor
CreateFontA
SetTextColor
GetGlyphOutlineA
GetOutlineTextMetricsA
GetGlyphOutlineW
EnumFontFamiliesExW
GetDeviceCaps
BitBlt
DeleteObject
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
FillRgn
GetStockObject
GetTextExtentPoint32W
shell32
ShellExecuteA
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
winmm
timeBeginPeriod
timeGetTime
dinput
DirectInputCreateA
ws2_32
getsockname
ntohs
htons
htonl
inet_ntoa
gethostname
getpeername
setsockopt
__WSAFDIsSet
accept
listen
getsockopt
send
gethostbyname
gethostbyaddr
socket
bind
recv
WSACleanup
sendto
shutdown
WSAGetLastError
select
recvfrom
WSAStartup
connect
ioctlsocket
freeaddrinfo
getaddrinfo
inet_addr
getnameinfo
closesocket
imm32
ImmReleaseContext
ImmGetCompositionStringW
ImmSetOpenStatus
ImmGetContext
ImmGetCandidateListW
dsound
ord1
d3d9
Direct3DCreate9
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyA
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 121KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 404KB - Virtual size: 403KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ