E:\cpp\Notepad3\Bin\Release_x86_v143\minipath.pdb
Static task
static1
Behavioral task
behavioral1
Sample
a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5.exe
Resource
win10v2004-20241007-en
General
Target: a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5.exe
Size: 1.3MB
MD5: e5a12459a39aa142a12c58d9afbe5b0d
SHA1: bebd558572194c56815a2fbaf016d1d4d0922ed3
SHA256: a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5
SHA512: 471c88d109ebabc6d288a19f604ccabdc6ad6709acabc5bee1f3885ac917870f4349a98b03ec62d89b3c40e9f8477dfc1faf735484dc750ecb6111dcbd824086
SSDEEP: 24576:E/Pa9WKjYx31wk3AKLbTuruhXaJYKwcC4nS/AildFu8hod/zodlY:KQWKjc1wk3AKLbCZYKwcC4nSZFadkd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5.exe
Files
a45e9fae49d4af114a252f3cd5b69f33cb5994915a75cb51983910c9f21d81e5.exe.exe windows:6 windows x86 arch:x86
c18bcc1175f8fcf1adc36bc1ee87c82a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathGetDriveNumberW
StrCmpNIW
StrDupW
StrChrA
PathRelativePathToW
PathIsPrefixW
PathUnExpandEnvStringsW
PathIsRootW
PathCanonicalizeW
PathFindExtensionW
PathFindFileNameW
PathCommonPrefixW
PathCompactPathExW
PathRemoveExtensionW
StrStrIW
StrFormatByteSizeW
PathStripPathW
PathRemoveBackslashW
StrRetToBufW
PathMatchSpecW
StrCatBuffW
PathUnquoteSpacesW
StrChrW
StrTrimW
SHAutoComplete
StrCpyNW
PathQuoteSpacesW
PathRenameExtensionW
PathIsDirectoryW
StrRChrW
PathAppendW
PathIsRelativeW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW
PathIsSameRootW
psapi
EnumProcessModules
GetModuleFileNameExW
user32
LoadAcceleratorsW
DeleteMenu
ShowOwnedPopups
CopyImage
MessageBoxW
EqualRect
IsWindowVisible
ShowWindowAsync
GetMessagePos
LoadMenuW
CharUpperW
GetKeyState
DefWindowProcW
GetMenuItemInfoW
DeferWindowPos
GetMessageW
GetSubMenu
BeginDeferWindowPos
OpenClipboard
OffsetRect
SetTimer
CloseClipboard
SetMenuItemInfoW
EmptyClipboard
RegisterClassW
SetWindowPlacement
FrameRect
SetMenuDefaultItem
EnumWindows
GetMessageTime
CreateWindowExA
IntersectRect
SetFocus
BringWindowToTop
TranslateAcceleratorW
GetWindowDC
EndDeferWindowPos
SetClipboardData
CheckMenuItem
IsZoomed
KillTimer
PostQuitMessage
GetSysColorBrush
EnableMenuItem
RegisterWindowMessageW
UpdateWindow
IsIconic
GetWindowThreadProcessId
DrawAnimatedRects
FindWindowExW
GetDC
MonitorFromRect
SetActiveWindow
LoadStringA
TrackPopupMenu
SetWindowCompositionAttribute
SystemParametersInfoW
SetPropW
RedrawWindow
SendMessageW
wsprintfW
GetSysColor
CharPrevW
GetWindowPlacement
GetSystemMetrics
SetWindowTextW
LoadStringW
DdeCreateStringHandleW
DdeConnect
GetMonitorInfoW
DdeInitializeW
DdeUninitialize
DialogBoxIndirectParamW
DdeClientTransaction
SetLayeredWindowAttributes
CharUpperBuffW
DdeDisconnect
DdeFreeStringHandle
SetForegroundWindow
LoadImageW
ReleaseDC
GetPropW
RemovePropW
DispatchMessageW
PeekMessageW
TranslateMessage
GetWindowLongW
GetWindowTextLengthW
GetSystemMenu
AdjustWindowRectEx
PostMessageW
CheckMenuRadioItem
GetWindowRect
GetFocus
DestroyWindow
SetWindowPos
CheckRadioButton
MessageBoxExW
CreateWindowExW
EndDialog
MessageBeep
CreatePopupMenu
WindowFromPoint
DestroyCursor
ShowWindow
DestroyIcon
GetDlgCtrlID
SetDlgItemTextW
MapWindowPoints
GetDlgItemTextW
SendDlgItemMessageW
IsWindowEnabled
IsDlgButtonChecked
DestroyMenu
GetMenuStringW
CharNextW
LoadIconW
LoadCursorW
GetClassNameW
SetCapture
InsertMenuW
SetCursor
SetWindowLongW
TrackPopupMenuEx
GetComboBoxInfo
GetClientRect
GetDlgItem
AppendMenuW
CheckDlgButton
GetParent
ReleaseCapture
InvalidateRect
ChildWindowFromPoint
GetCursorPos
EnableWindow
GetWindowTextW
SetRect
kernel32
RaiseException
GetSystemInfo
VirtualQuery
GetModuleHandleW
LoadLibraryExA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
DecodePointer
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
ReadConsoleW
GetConsoleMode
VirtualProtect
CompareStringOrdinal
FreeLibrary
LoadLibraryExW
ReadFile
lstrlenW
WriteFile
lstrcpynW
ExpandEnvironmentStringsW
GetModuleFileNameW
SetFilePointer
SetEndOfFile
UnlockFileEx
CreateFileW
GetSystemDirectoryW
MultiByteToWideChar
lstrcatW
CloseHandle
LockFileEx
GetFileSize
WideCharToMultiByte
lstrcpyW
lstrcmpiW
lstrcmpW
FlushFileBuffers
GetShortPathNameW
LocalAlloc
GetFileAttributesW
SetFileAttributesW
FormatMessageW
GetLastError
GetCurrentDirectoryW
LocalFree
WaitForSingleObject
CreateEventW
SetEvent
GlobalAlloc
GlobalFree
ResetEvent
SizeofResource
SearchPathW
GetLocaleInfoEx
FreeResource
OpenProcess
LockResource
LoadLibraryW
LoadResource
FindResourceW
GetWindowsDirectoryW
GetProcAddress
GlobalLock
GlobalUnlock
MulDiv
CreateDirectoryW
FindFirstFileW
GetCommandLineW
SetThreadUILanguage
SetErrorMode
FindClose
GetUserPreferredUILanguages
FindFirstChangeNotificationW
GetVersion
ResolveLocaleName
GlobalSize
FileTimeToSystemTime
FindCloseChangeNotification
FileTimeToLocalFileTime
FindNextChangeNotification
SetCurrentDirectoryW
GetTimeFormatW
VerSetConditionMask
CopyFileW
VerifyVersionInfoW
SetThreadPreferredUILanguages
IsValidLocaleName
GetDateFormatW
MapViewOfFile
CreateFileMappingW
LocaleNameToLCID
FindResourceExW
LCIDToLocaleName
UnmapViewOfFile
GetVersionExW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
SetLastError
SetUnhandledExceptionFilter
GetConsoleOutputCP
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
SetStdHandle
OutputDebugStringW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetTempPathW
GetFileType
HeapAlloc
HeapFree
GetCurrentThread
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
WriteConsoleW
gdi32
GetStockObject
SetBkColor
ExtTextOutW
EnumFontsW
GetDeviceCaps
SetTextColor
GetObjectW
DeleteObject
CreateSolidBrush
CreateFontIndirectW
comdlg32
GetOpenFileNameW
ChooseColorW
GetSaveFileNameW
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetDesktopFolder
ord180
SHAppBarMessage
DragQueryFileW
Shell_NotifyIconW
DragAcceptFiles
DragFinish
SHGetDataFromIDListW
ole32
OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
DoDragDrop
ntdll
RtlGetNtVersionNumbers
comctl32
ImageList_Create
ord381
PropertySheetW
ord410
ord413
ImageList_Destroy
InitCommonControlsEx
InitMUILanguage
ImageList_AddMasked
Sections
.text Size: 910KB - Virtual size: 909KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 321KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ