Static task
static1
Behavioral task
behavioral1
Sample
9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c.dll
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral2
Sample
9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
General
-
Target
9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c.exe
-
Size
2.7MB
-
MD5
dbb051c150d9526ff692b001a935c915
-
SHA1
cfc4b322ae84ae5766627acc184c8166a8e62a4f
-
SHA256
9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c
-
SHA512
9e83eefb22d4ca050aac49b2fd25d5ab1bcc3ebca842a10c1ef8e68bde1aa69fdfc6581f5fb99a1eaccab570929fbef827c7b6b381ab2c8c4bb41c2eed062c85
-
SSDEEP
49152:JA9qEelmNGJRcsADizpXtBOyABAUZLY6sEZGaXBuQQ9ey9:Qq8fWABAUZL3A
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c.exe
Files
-
9089d936f5dfb362e58d10ff16e5529c429007809694a2a548b9cacee925231c.exe.dll windows:4 windows x64 arch:x64
dce96bc6319a78e5eaf9315128c98209
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
advapi32
CryptAcquireContextA
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
kernel32
AllocConsole
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileW
CreateMutexW
CreateSemaphoreW
CreateThread
CreateTimerQueueTimer
DeleteCriticalSection
DeleteTimerQueueTimer
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
FormatMessageW
FreeLibrary
GetACP
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesW
GetFileSize
GetLastError
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleOutputCP
SetConsoleTitleW
SetEvent
SetFilePointerEx
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepEx
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
msvcrt
___lc_codepage_func
__dllonexit
__iob_func
__mb_cur_max
__setusermatherr
_amsg_exit
_beginthreadex
_close
_commit
_endthreadex
_errno
_exit
_fdopen
_fileno
_findclose
_fstat64
fwprintf
_get_osfhandle
_gmtime64
_initterm
_isatty
_localtime64
_lock
_lseeki64
_mktime64
_onexit
_open_osfhandle
_pipe
_stat64
_stricmp
_strnicmp
_sys_errlist
_sys_nerr
_time64
_unlock
_vsnprintf
_wfindfirst64
_wfindnext64
_wfullpath
_wgetcwd
_wmkdir
_wopen
_wremove
_wrename
_wstat64
_wunlink
abort
atof
atoi
atol
bsearch
calloc
clearerr
clock
div
exit
fclose
feof
ferror
fflush
fgetc
fgets
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
freopen
fseek
ftell
fwprintf
fwrite
getc
getchar
getenv
isalnum
isalpha
iscntrl
islower
isspace
isupper
iswctype
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
putc
putchar
puts
qsort
raise
rand
realloc
rewind
setlocale
signal
sprintf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
tolower
toupper
towlower
ungetc
vfprintf
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsrchr
wcstombs
_vsnwprintf
_snwprintf
_write
_stricmp
_strdup
_setmode
_read
_open
_getpid
_getcwd
_fileno
_fdopen
_dup
_close
_access
shell32
SHGetFolderPathW
ShellExecuteW
user32
FindWindowW
GetActiveWindow
GetCapture
GetCaretPos
GetClipboardOwner
GetClipboardViewer
GetCursorPos
GetDesktopWindow
GetFocus
GetInputState
GetMessagePos
GetMessageTime
GetOpenClipboardWindow
GetProcessWindowStation
MessageBoxW
SendMessageW
ws2_32
WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSARecv
WSARecvFrom
WSASendTo
WSAStartup
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
ioctlsocket
listen
ntohl
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket
Exports
Exports
AddMD5
EndMD5
FromCharset
GetLang_1
GetLang_2B
GetLang_2T
InitMD5
NTPtime64
ToCharset
VLC_CompileBy
VLC_CompileHost
VLC_Compiler
access_vaDirectoryControlHelper
addon_entry_Hold
addon_entry_New
addon_entry_Release
addons_manager_Delete
addons_manager_Gather
addons_manager_Install
addons_manager_LoadCatalog
addons_manager_New
addons_manager_Remove
aout_BitsPerSample
aout_ChannelExtract
aout_ChannelReorder
aout_CheckChannelExtraction
aout_CheckChannelReorder
aout_Deinterleave
aout_DeviceGet
aout_DeviceSet
aout_DevicesList
aout_FiltersAdjustResampling
aout_FiltersChangeViewpoint
aout_FiltersDelete
aout_FiltersDrain
aout_FiltersFlush
aout_FiltersNew
aout_FiltersPlay
aout_FormatPrepare
aout_FormatPrint
aout_FormatPrintChannels
aout_Interleave
aout_MuteGet
aout_MuteSet
aout_VolumeGet
aout_VolumeSet
aout_VolumeUpdate
aout_filter_RequestVout
block_Alloc
block_FifoCount
block_FifoEmpty
block_FifoGet
block_FifoNew
block_FifoPut
block_FifoRelease
block_FifoShow
block_File
block_FilePath
block_Init
block_Realloc
block_TryRealloc
block_heap_Alloc
block_mmap_Alloc
block_shm_Alloc
config_AddIntf
config_ChainCreate
config_ChainDestroy
config_ChainDuplicate
config_ChainParse
config_ChainParseOptions
config_ExistIntf
config_FindConfig
config_GetDataDir
config_GetFloat
config_GetInt
config_GetIntChoices
config_GetLibDir
config_GetPsz
config_GetPszChoices
config_GetType
config_GetUserDir
config_PutFloat
config_PutInt
config_PutPsz
config_RemoveIntf
config_ResetAll
config_SaveConfigFile
config_StringEscape
config_StringUnescape
date_Change
date_Decrement
date_Get
date_Increment
date_Init
date_Move
date_Set
decoder_AbortPictures
decoder_GetDisplayDate
decoder_GetDisplayRate
decoder_GetInputAttachments
decoder_NewAudioBuffer
decoder_NewSubpicture
demux_Delete
demux_New
demux_PacketizerDestroy
demux_PacketizerNew
demux_vaControl
demux_vaControlHelper
es_format_Clean
es_format_Copy
es_format_Init
es_format_InitFromVideo
es_format_IsSimilar
filter_AddProxyCallbacks
filter_Blend
filter_ConfigureBlend
filter_DelProxyCallbacks
filter_DeleteBlend
filter_NewBlend
filter_chain_AppendConverter
filter_chain_AppendFilter
filter_chain_AppendFromString
filter_chain_Delete
filter_chain_DeleteFilter
filter_chain_GetFmtOut
filter_chain_IsEmpty
filter_chain_MouseEvent
filter_chain_MouseFilter
filter_chain_NewVideo
filter_chain_Reset
filter_chain_SubFilter
filter_chain_VideoFilter
filter_chain_VideoFlush
fingerprinter_Create
fingerprinter_Destroy
httpd_ClientIP
httpd_FileDelete
httpd_FileNew
httpd_HandlerDelete
httpd_HandlerNew
httpd_HostDelete
httpd_MsgAdd
httpd_MsgGet
httpd_RedirectDelete
httpd_RedirectNew
httpd_ServerIP
httpd_StreamDelete
httpd_StreamHeader
httpd_StreamNew
httpd_StreamSend
httpd_StreamSetHTTPHeaders
httpd_UrlCatch
httpd_UrlDelete
httpd_UrlNew
image_Ext2Fourcc
image_HandlerCreate
image_HandlerDelete
image_Mime2Fourcc
image_Type2Fourcc
input_Close
input_Control
input_Create
input_CreateFilename
input_DecoderCreate
input_DecoderDecode
input_DecoderDelete
input_DecoderDrain
input_DecoderFlush
input_GetItem
input_Read
input_Start
input_Stop
input_item_AddInfo
input_item_AddOpaque
input_item_AddOption
input_item_AddOptions
input_item_AddSlave
input_item_Copy
input_item_CopyOptions
input_item_DelInfo
input_item_GetDuration
input_item_GetInfo
input_item_GetMeta
input_item_GetName
input_item_GetNowPlayingFb
input_item_GetTitleFbName
input_item_GetURI
input_item_HasErrorWhenReading
input_item_Hold
input_item_IsArtFetched
input_item_IsPreparsed
input_item_MergeInfos
input_item_MetaMatch
input_item_NewExt
input_item_Release
input_item_ReplaceInfos
input_item_SetDuration
input_item_SetMeta
input_item_SetName
input_item_SetURI
input_item_WriteMeta
input_item_node_AppendItem
input_item_node_AppendNode
input_item_node_Create
input_item_node_Delete
input_item_slave_GetType
input_item_slave_New
input_resource_GetAout
input_resource_HoldAout
input_resource_New
input_resource_PutAout
input_resource_Release
input_resource_ResetAout
input_resource_Terminate
input_resource_TerminateVout
input_vaControl
intf_Create
libvlc_ArtRequest
libvlc_InternalAddIntf
libvlc_InternalCleanup
libvlc_InternalCreate
libvlc_InternalDestroy
libvlc_InternalDialogClean
libvlc_InternalDialogInit
libvlc_InternalInit
libvlc_InternalKeystoreClean
libvlc_InternalKeystoreInit
libvlc_InternalPlay
libvlc_MetadataCancel
libvlc_MetadataRequest
libvlc_Quit
libvlc_SetExitHandler
mdate
module_config_free
module_config_get
module_exists
module_find
module_get_capability
module_get_help
module_get_name
module_get_object
module_get_score
module_gettext
module_list_free
module_list_get
module_need
module_provides
module_unneed
msleep
mwait
net_Accept
net_AcceptSingle
net_Connect
net_ConnectDgram
net_Gets
net_Listen
net_ListenClose
net_OpenDgram
net_Printf
net_Read
net_SetCSCov
net_Write
net_vaPrintf
picture_BlendSubpicture
picture_Clone
picture_Copy
picture_CopyPixels
picture_CopyProperties
picture_Export
picture_Hold
picture_New
picture_NewFromFormat
picture_NewFromResource
picture_Release
picture_Reset
picture_Setup
picture_fifo_Delete
picture_fifo_Flush
picture_fifo_New
picture_fifo_OffsetDate
picture_fifo_Peek
picture_fifo_Pop
picture_fifo_Push
picture_pool_Enum
picture_pool_Get
picture_pool_GetSize
picture_pool_New
picture_pool_NewExtended
picture_pool_NewFromFormat
picture_pool_Release
picture_pool_Reserve
picture_pool_Wait
plane_CopyPixels
playlist_Add
playlist_AddExt
playlist_AddInput
playlist_AssertLocked
playlist_ChildSearchName
playlist_Clear
playlist_Control
playlist_CurrentInput
playlist_CurrentInputLocked
playlist_CurrentPlayingItem
playlist_Deactivate
playlist_EnableAudioFilter
playlist_Export
playlist_GetAout
playlist_GetNodeDuration
playlist_Import
playlist_IsServicesDiscoveryLoaded
playlist_ItemGetById
playlist_ItemGetByInput
playlist_LiveSearchUpdate
playlist_Lock
playlist_MuteGet
playlist_MuteSet
playlist_NodeAddCopy
playlist_NodeAddInput
playlist_NodeCreate
playlist_NodeDelete
playlist_RecursiveNodeSort
playlist_ServicesDiscoveryAdd
playlist_ServicesDiscoveryControl
playlist_ServicesDiscoveryRemove
playlist_SetRenderer
playlist_Status
playlist_TreeMove
playlist_TreeMoveMany
playlist_Unlock
playlist_VolumeGet
playlist_VolumeSet
playlist_VolumeUp
sdp_AddAttribute
sdp_AddMedia
secstotimestr
sout_AccessOutControl
sout_AccessOutDelete
sout_AccessOutNew
sout_AccessOutRead
sout_AccessOutSeek
sout_AccessOutWrite
sout_AnnounceRegisterSDP
sout_AnnounceUnRegister
sout_EncoderCreate
sout_MuxAddStream
sout_MuxDelete
sout_MuxDeleteStream
sout_MuxFlush
sout_MuxGetStream
sout_MuxNew
sout_MuxSendBuffer
sout_StreamChainDelete
sout_StreamChainNew
spu_ChangeFilters
spu_ChangeSources
spu_ClearChannel
spu_Create
spu_Destroy
spu_PutSubpicture
spu_RegisterChannel
spu_Render
subpicture_Delete
subpicture_New
subpicture_NewFromPicture
subpicture_Update
subpicture_region_ChainDelete
subpicture_region_Copy
subpicture_region_Delete
subpicture_region_New
text_segment_ChainDelete
text_segment_Copy
text_segment_Delete
text_segment_New
text_segment_NewInheritStyle
text_style_Copy
text_style_Create
text_style_Delete
text_style_Duplicate
text_style_Merge
text_style_New
update_Check
update_Delete
update_Download
update_GetRelease
update_NeedUpgrade
update_New
us_asprintf
us_atof
us_strtod
us_strtof
us_vasprintf
utf8_fprintf
utf8_vfprintf
var_AddCallback
var_AddListCallback
var_Change
var_Create
var_DelCallback
var_DelListCallback
var_Destroy
var_FreeList
var_Get
var_GetAndSet
var_GetChecked
var_Inherit
var_InheritURational
var_LocationParse
var_Set
var_SetChecked
var_TriggerCallback
var_Type
video_format_ApplyRotation
video_format_CopyCrop
video_format_FixRgb
video_format_GetTransform
video_format_IsSimilar
video_format_Print
video_format_ScaleCropAr
video_format_Setup
video_format_TransformBy
video_format_TransformTo
vlc_CPU
vlc_GetCPUCount
vlc_Log
vlc_LogSet
vlc_UrlClean
vlc_UrlParse
vlc_UrlParseFixup
vlc_accept
vlc_accept_i11e
vlc_access_NewMRL
vlc_actions_get_id
vlc_actions_get_key_names
vlc_actions_get_keycodes
vlc_b64_decode
vlc_b64_decode_binary
vlc_b64_decode_binary_to_buffer
vlc_b64_encode
vlc_b64_encode_binary
vlc_cancel
vlc_clone
vlc_close
vlc_cond_broadcast
vlc_cond_destroy
vlc_cond_init
vlc_cond_signal
vlc_cond_timedwait
vlc_cond_wait
vlc_control_cancel
vlc_credential_clean
vlc_credential_get
vlc_credential_init
vlc_credential_store
vlc_demux_chained_ControlVa
vlc_demux_chained_Delete
vlc_demux_chained_New
vlc_demux_chained_Send
vlc_dialog_display_error
vlc_dialog_display_error_va
vlc_dialog_display_progress
vlc_dialog_display_progress_va
vlc_dialog_id_dismiss
vlc_dialog_id_get_context
vlc_dialog_id_post_action
vlc_dialog_id_post_login
vlc_dialog_id_set_context
vlc_dialog_is_cancelled
vlc_dialog_provider_set_callbacks
vlc_dialog_provider_set_ext_callback
vlc_dialog_release
vlc_dialog_update_progress
vlc_dialog_update_progress_text
vlc_dialog_update_progress_text_va
vlc_dialog_wait_login
vlc_dialog_wait_login_va
vlc_dialog_wait_question
vlc_dialog_wait_question_va
vlc_drand48
vlc_dup
vlc_epg_AddEvent
vlc_epg_Delete
vlc_epg_Duplicate
vlc_epg_New
vlc_epg_SetCurrent
vlc_epg_event_Delete
vlc_epg_event_Duplicate
vlc_epg_event_New
vlc_error
vlc_event_attach
vlc_event_detach
vlc_ext_dialog_update
vlc_fifo_DequeueAllUnlocked
vlc_fifo_DequeueUnlocked
vlc_fifo_GetBytes
vlc_fifo_GetCount
vlc_fifo_Lock
vlc_fifo_QueueUnlocked
vlc_fifo_Signal
vlc_fifo_Unlock
vlc_fifo_Wait
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.buildid Size: 512B - Virtual size: 53B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 18KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 88B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/4 Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ