PDB path: C:\vulagozitop hovares\jipu.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf.exe
Resource: win10v2004-20241007-en
General
Target: 2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf
Size: 361KB
MD5: b53ac40a9909859397486caf77e7f404
SHA1: b64536cb8b3bfd0b626d517ef77a969fd00adbac
SHA256: 2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf
SHA512: 71e6aee03f67a6514585fd126b21e7f990fae01518e2e7129314b603081fe1e2209eea8a6cca7ddaaf617b8f58cf8507bc3232a61c810c18329e1684a7927122
SSDEEP: 6144:nP5lRPv2iqc3WM2xBUOzDuFl1m0J0fu9XR+Y4BO2JHUg7b/EDN/:P5/eiqc3WMrMDqqfS1eJJpkDh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf
Files
2318e8dbc85950fbb36c05dde64f9858d6781efff69d133c7380d78603429ecf.exe windows:5 windows x86 arch:x86
ddd4504dfae4a1c918f514bef93af10e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetLocaleInfoW
FindFirstVolumeW
GetNamedPipeHandleStateW
FileTimeToSystemTime
EnumResourceTypesA
EnumResourceNamesA
FillConsoleOutputCharacterW
GetTimeZoneInformation
TerminateProcess
SetLastError
SetEvent
FindNextFileW
GetCompressedFileSizeW
CopyFileExW
BuildCommDCBAndTimeoutsA
QueryDepthSList
GetVersionExW
VerifyVersionInfoA
ReadConsoleOutputCharacterA
SetDefaultCommConfigW
VerLanguageNameA
EscapeCommFunction
WritePrivateProfileStructA
FreeEnvironmentStringsW
CreateTimerQueue
FindNextVolumeMountPointA
GetWriteWatch
WriteConsoleInputA
SetComputerNameExW
FindAtomW
GlobalDeleteAtom
SetThreadPriority
CallNamedPipeW
GetDriveTypeA
BuildCommDCBAndTimeoutsW
VirtualProtect
GlobalAlloc
GetProfileSectionW
GetCommandLineA
InterlockedDecrement
FindFirstChangeNotificationA
GetCalendarInfoA
ReleaseActCtx
FindResourceW
FormatMessageA
SetDllDirectoryW
GetModuleHandleW
WritePrivateProfileStringA
GetUserDefaultLangID
GlobalFix
HeapValidate
InterlockedCompareExchange
GetStartupInfoA
WriteProfileSectionW
SetCalendarInfoA
DebugBreak
SetConsoleTextAttribute
GetLastError
CopyFileA
DisconnectNamedPipe
GetCPInfoExW
WriteProfileSectionA
SetConsoleCursorPosition
ContinueDebugEvent
InterlockedExchangeAdd
GetACP
GetPrivateProfileStringA
CreateActCtxW
GetConsoleAliasA
OutputDebugStringW
lstrlenA
LoadLibraryW
WriteConsoleA
GetPrivateProfileSectionNamesA
GlobalWire
FormatMessageW
LocalAlloc
lstrcatA
EnumCalendarInfoA
SetThreadAffinityMask
VerSetConditionMask
SetConsoleCP
GetSystemWindowsDirectoryA
GetProfileStringW
GetQueuedCompletionStatus
AllocConsole
GlobalGetAtomNameA
SetComputerNameW
GetConsoleAliasExesLengthW
WriteConsoleInputW
CreateMailslotW
SetCommState
MoveFileWithProgressA
SetSystemTimeAdjustment
_hread
_lopen
EnumSystemLocalesW
GetConsoleAliasExesLengthA
MoveFileA
ResetWriteWatch
FreeEnvironmentStringsA
GetPrivateProfileStringW
EnumDateFormatsW
DeleteAtom
GetSystemWindowsDirectoryW
GetComputerNameW
GetConsoleAliasesLengthA
FindFirstVolumeA
CancelDeviceWakeupRequest
AreFileApisANSI
OpenWaitableTimerA
OpenFileMappingA
SetProcessAffinityMask
GetConsoleAliasesLengthW
SetProcessShutdownParameters
ReadConsoleW
WriteConsoleOutputCharacterA
GetNumberFormatW
GetConsoleAliasExesA
GetBinaryTypeW
GetCurrentActCtx
InitializeCriticalSection
GetSystemWow64DirectoryW
LoadLibraryA
DeleteFileA
RaiseException
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
SetStdHandle
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
InterlockedIncrement
GetProcAddress
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetHandleCount
GetStdHandle
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
GetConsoleOutputCP
MultiByteToWideChar
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
CloseHandle
FlushFileBuffers
gdi32
GetCharWidthA
winhttp
WinHttpConnect
msimg32
AlphaBlend
Sections
.text Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 177KB - Virtual size: 340KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ