Static task: static1
Behavioral task: behavioral1
Sample: 05afdc2e75e4465231687a7de5535bb7da7fcba6d98c03c45c94411cf26a4067.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 05afdc2e75e4465231687a7de5535bb7da7fcba6d98c03c45c94411cf26a4067.exe
Resource: win10v2004-20241007-en
General
Target: 05afdc2e75e4465231687a7de5535bb7da7fcba6d98c03c45c94411cf26a4067
Size: 11.0MB
MD5: 1762716889c3daa031df4240ad5e2db5
SHA1: 48d05ca39525e3a6c160141cb6e32f3b7b06e323
SHA256: 05afdc2e75e4465231687a7de5535bb7da7fcba6d98c03c45c94411cf26a4067
SHA512: 7804672ec6ac14b8009a1f768c9f12c06dad9a70eaa8cec2dc610caafb72d642ce04f093decfb2141ef77b19d7a9e99d35efcf06385d23e734a746bcbcaf4de4
SSDEEP: 196608:3n59HUwkhzvnda0PXUhM7Ao0G+wGLF8bhJrvRKpM7sjX3d38FLOyomFHKnPn:XvBkx/mY7+Be1JlNsjX3d38Fa
Malware Config
Signatures
Files
-
05afdc2e75e4465231687a7de5535bb7da7fcba6d98c03c45c94411cf26a4067.exe windows:5 windows x86 arch:x86
813d515ab6d167adbce7f587958cef9f
Code Sign
Certificate 5a:1d:90:f0:f0:a6:b8:86:49:a2:c9:4e:1a:ad:5f:64
Issuer: CN=VMware Inc.,C=China
Not Before: 23-10-2024 03:18
Not After: 30-12-2099 16:00
Subject: CN=VMware Inc.,C=China
Certificate 0b:ae:66:bc:5a:ba:7f:95:87:c6:f9:e9:04:e3:33:04
Issuer: CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US
Not Before: 26-09-2024 00:00
Not After: 25-11-2035 23:59
Subject: CN=DigiCert Timestamp 2024,O=DigiCert,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
Certificate 07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Issuer: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 23-03-2022 00:00
Not After: 22-03-2037 23:59
Subject: CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Certificate 0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Issuer: CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US
Not Before: 01-08-2022 00:00
Not After: 09-11-2031 23:59
Subject: CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Signer fc:f1:48:17:6e:ac:90:45:64:76:13:d7:fa:48:16:91:59:6c:60:da:a1:91:ca:e8:13:ec:ed:fb:48:0d:5b:dd
Actual PE Digest: fc:f1:48:17:6e:ac:90:45:64:76:13:d7:fa:48:16:91:59:6c:60:da:a1:91:ca:e8:13:ec:ed:fb:48:0d:5b:dd
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
send
bind
closesocket
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
recv
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
sendto
ioctlsocket
gethostname
WSAStartup
WSASetLastError
select
getservbyname
__WSAFDIsSet
socket
WSAGetLastError
WSAIoctl
WSACleanup
gethostbyname
htonl
shutdown
kernel32
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VirtualProtect
FindResourceExW
SearchPathW
GetProfileIntW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
LocalReAlloc
IsDebuggerPresent
GetStartupInfoW
EnumSystemLocalesW
IsValidLocale
GetOEMCP
IsValidCodePage
CompareStringW
ReadConsoleW
GetConsoleMode
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
SetStdHandle
GetCommandLineW
GetCommandLineA
SetFilePointerEx
VirtualQuery
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
LCMapStringW
GetCPInfo
GetStringTypeW
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpiW
SetErrorMode
GetConsoleCP
GlobalGetAtomNameW
UnlockFile
LockFile
GetFullPathNameW
FlushFileBuffers
GetPrivateProfileIntW
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetThreadLocale
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
EncodePointer
OutputDebugStringA
lstrcmpA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GlobalSize
VerifyVersionInfoW
VerSetConditionMask
FormatMessageA
GetFileType
ExpandEnvironmentStringsA
SleepEx
GetModuleHandleA
GetFileInformationByHandle
GetFileSize
CreateMutexA
VirtualAlloc
InterlockedCompareExchange
VirtualFree
ReleaseMutex
LocalFileTimeToFileTime
SetFileTime
GetACP
DecodePointer
RaiseException
HeapReAlloc
HeapSize
GetLocalTime
InterlockedExchange
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
MoveFileExW
CopyFileW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
FormatMessageW
ReleaseSemaphore
GetExitCodeProcess
WaitForMultipleObjects
ReadFile
PeekNamedPipe
SetEvent
SetLastError
CreateThread
CreateEventW
GetCurrentProcess
DuplicateHandle
CreatePipe
OpenProcess
TerminateProcess
GetTempPathW
GetLongPathNameW
GetTempFileNameW
GetWindowsDirectoryW
GetSystemDirectoryW
CreateMutexW
GetVolumeInformationW
DeviceIoControl
CreateDirectoryW
FindVolumeClose
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
QueryDosDeviceW
FindFirstVolumeW
WriteFile
GetStdHandle
WriteConsoleW
OutputDebugStringW
SetEndOfFile
SetFilePointer
CreateFileW
MoveFileW
DeleteFileW
GlobalMemoryStatus
GetTickCount
SystemTimeToFileTime
GetSystemTime
GetCurrentThreadId
GlobalAlloc
LocalFree
LocalAlloc
GetLastError
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetCurrentDirectoryW
GetModuleFileNameW
WinExec
lstrlenW
lstrcatW
GetDiskFreeSpaceExW
GetDriveTypeW
GetModuleHandleW
GetVersionExW
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryW
SetConsoleMode
InterlockedDecrement
MulDiv
HeapFree
GetProcessHeap
HeapAlloc
GetVersion
lstrcpyW
MultiByteToWideChar
WideCharToMultiByte
Sleep
CreateProcessW
GetCurrentProcessId
TerminateThread
InterlockedExchangeAdd
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
FindClose
FindNextFileW
FindFirstFileW
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetConsoleCtrlHandler
FlushConsoleInputBuffer
LoadLibraryExA
ReadConsoleInputA
InitializeSListHead
user32
CharNextW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
GetMessageTime
GetMessageW
DispatchMessageW
LoadMenuW
RemoveMenu
InsertMenuW
GetMenuItemID
GetMenuState
EnumDisplayMonitors
ShowOwnedPopups
CopyImage
SendDlgItemMessageA
RealChildWindowFromPoint
GetAsyncKeyState
TrackMouseEvent
IsZoomed
CharUpperW
GetNextDlgGroupItem
WindowFromPoint
GetCapture
UnregisterClassW
GrayStringW
DrawTextExW
TabbedTextOutW
UpdateWindow
GetWindowThreadProcessId
SetForegroundWindow
TrackPopupMenu
CreatePopupMenu
ClientToScreen
DrawIcon
IsIconic
LoadIconW
SendMessageTimeoutW
EnumWindows
SetRectEmpty
AppendMenuW
GetSubMenu
GetMenuItemInfoW
GetMenuItemCount
DrawIconEx
SystemParametersInfoW
DestroyIcon
GetDC
IsWindow
SetCursor
LoadCursorW
wsprintfW
ScreenToClient
GetCursorPos
KillTimer
ReleaseCapture
GetMessagePos
GetSystemMenu
DeleteMenu
MessageBeep
NotifyWinEvent
SubtractRect
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
UnionRect
MonitorFromPoint
CopyAcceleratorTableW
InvalidateRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetCapture
SetTimer
PtInRect
TranslateMessage
DestroyMenu
GetKeyNameTextW
MapVirtualKeyW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
SetWindowRgn
DrawFocusRect
IsRectEmpty
PeekMessageW
SetLayeredWindowAttributes
LoadImageW
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
GetIconInfo
CopyIcon
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageW
WaitMessage
GetWindowRgn
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
DestroyCursor
InvertRect
HideCaret
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
RegisterWindowMessageW
RedrawWindow
EnableWindow
GetClientRect
SendMessageW
InvalidateRect
PostMessageW
GetWindowRect
GetSysColor
InflateRect
DrawTextW
IntersectRect
GetPropW
SetWindowPos
GetScrollInfo
GetWindowLongW
SetPropW
SetWindowLongW
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollInfo
SetScrollPos
SetScrollRange
ShowScrollBar
RemovePropW
SetRect
DrawFrameControl
FillRect
GetSystemMetrics
DrawEdge
GetSysColorBrush
GetParent
OffsetRect
GetWindowDC
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
GetMenuStringW
ReleaseDC
CopyRect
MapWindowPoints
CallWindowProcW
gdi32
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
IntersectClipRect
CreateRectRgnIndirect
SetRectRgn
DPtoLP
GetBkColor
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetRgnBox
RealizePalette
SetPixel
Rectangle
OffsetRgn
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
CreateRectRgn
CreateHatchBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateDIBSection
SetDIBColorTable
RoundRect
Escape
RectVisible
PtVisible
TextOutW
CreatePen
GetMapMode
GetTextMetricsW
CreateDIBitmap
GetTextColor
CreateFontW
GetTextExtentPoint32W
StretchBlt
ExtTextOutW
SetBrushOrgEx
CreatePatternBrush
DeleteDC
DeleteObject
SetBkColor
UnrealizeObject
CreateBitmap
GetStockObject
SetBkMode
SetTextColor
SelectObject
BitBlt
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
CombineRgn
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
LookupPrivilegeValueW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
CryptEnumProvidersA
CryptSignHashA
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegQueryValueW
SetEntriesInAclW
GetSecurityInfo
SetSecurityInfo
InitializeAcl
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
CryptGetHashParam
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken
GetUserNameW
CryptDecrypt
CryptReleaseContext
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
LookupAccountSidW
ConvertSidToStringSidW
LookupAccountNameW
ConvertStringSidToSidW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
Shell_NotifyIconW
ShellExecuteW
SHCreateDirectoryExW
SHGetFileInfoW
SHGetDesktopFolder
SHGetMalloc
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation
SHAppBarMessage
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathStripToRootW
PathIsUNCW
UrlUnescapeW
PathRemoveExtensionW
PathFindExtensionW
PathIsDirectoryW
PathCombineW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
StrFormatKBSizeW
uxtheme
OpenThemeData
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
ole32
CoInitializeEx
CoUninitialize
CoCreateInstance
CoInitialize
CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CoCreateGuid
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
StringFromGUID2
CoSetProxyBlanket
CoInitializeSecurity
OleUninitialize
oleaut32
SafeArrayUnaccessData
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringLen
VariantChangeType
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayAccessData
VariantCopy
VarBstrFromDate
LoadTypeLi
SysStringLen
VarBstrCat
VariantClear
VariantInit
SysFreeString
SysAllocString
oledlg
OleUIBusyW
urlmon
CoInternetSetFeatureEnabled
gdiplus
GdiplusStartup
GdiplusShutdown
GdipLoadImageFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDrawPath
GdipDeletePath
GdipCreatePath
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipSetPageUnit
GdipClosePathFigure
GdipAddPathArcI
GdipResetPath
GdipReleaseDC
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCloneImage
GdipDisposeImage
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipFree
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
InternetQueryOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetReadFile
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
HttpQueryInfoW
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
crypt32
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
Sections
.text Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 215KB - Virtual size: 214KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ