Static task: static1
Behavioral task: behavioral1
Sample: 5aab4177554129c5a7de5987b1590846616c9bc13195620d058a0693577a315f.exe
Resource: win7-20240708-en
General
- Target: 5aab4177554129c5a7de5987b1590846616c9bc13195620d058a0693577a315f
- Size: 1.0MB
- MD5: 5d31cf31cfa14685818f82695c8d69ae
- SHA1: 4e0593d4b76cc0158bcc1fd69ab55291f2620355
- SHA256: 5aab4177554129c5a7de5987b1590846616c9bc13195620d058a0693577a315f
- SHA512: 75ad7af2890d5c094b6560b074b83fd55fbe117b5de56a91935454fc7b9364e98a1c021603b608f9d2a2cd40a83e4718b8123cfbc0e966b8cc2ec84370c22c10
- SSDEEP: 24576:rZ1pilG4hHwrlli5t5cx1y7wkpn4rCYSP:UlG4EnZMp
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  Processes:
  resource 5aab4177554129c5a7de5987b1590846616c9bc13195620d058a0693577a315f
Files
- 5aab4177554129c5a7de5987b1590846616c9bc13195620d058a0693577a315f.exe windows:4 windows x86 arch:x86
  28cfd422148407c294541e520f2f7722
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
DeleteFileA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
HeapSize
HeapReAlloc
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
ExitThread
CreateThread
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
SleepEx
GetSystemDirectoryA
PeekNamedPipe
ExpandEnvironmentStringsA
GetProfileStringA
GetCurrentProcessId
GetFileInformationByHandle
GetDriveTypeA
RtlUnwind
GetTickCount
SetErrorMode
GetFileSize
SizeofResource
GetOEMCP
GetCPInfo
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
GetProcessVersion
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetDiskFreeSpaceA
GetFileTime
GetFullPathNameA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
WaitForMultipleObjects
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
GetCurrentThread
lstrcmpA
GetModuleFileNameA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
GlobalLock
lstrcpynA
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
WriteFile
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
SetEvent
GlobalAlloc
GlobalFree
WaitForSingleObject
Sleep
SetEnvironmentVariableA
user32
DestroyIcon
GetMenuStringA
InsertMenuA
LockWindowUpdate
GetDCEx
InvertRect
WindowFromPoint
LoadStringA
GetClassNameA
GetSysColorBrush
CharUpperA
IsZoomed
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
FillRect
FindWindowA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
EndDialog
CreateDialogIndirectParamA
GetSystemMenu
DeleteMenu
IsRectEmpty
SetParent
DestroyCursor
SetCursorPos
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CharNextA
MapWindowPoints
GetSysColor
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
GetLastActivePopup
IsWindowVisible
IsIconic
UnregisterClassA
GetFocus
EqualRect
CopyRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
GetTabbedTextExtentA
RegisterClipboardFormatA
SendDlgItemMessageA
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
PeekMessageA
PostMessageA
GetCapture
LoadAcceleratorsA
SetRectEmpty
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
RegisterWindowMessageA
GetActiveWindow
GetParent
GetMenuItemID
AdjustWindowRectEx
RedrawWindow
SetWindowPos
GetClientRect
GetWindowLongA
SetWindowLongA
IsWindow
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
CreateWindowExA
BringWindowToTop
GetMenuItemCount
GetSubMenu
wsprintfA
SetTimer
KillTimer
PtInRect
InflateRect
GetMenu
CheckMenuItem
CreatePopupMenu
AppendMenuA
DestroyWindow
GetCursorPos
ScreenToClient
LoadCursorA
SetCursor
GetDC
ReleaseDC
ReleaseCapture
SetRect
SetCapture
UpdateWindow
OffsetRect
EnableWindow
InvalidateRect
SendMessageA
GetWindowRect
CheckDlgButton
gdi32
CreatePatternBrush
SetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
LPtoDP
DPtoLP
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
GetTextExtentPoint32A
GetMapMode
SetRectRgn
CombineRgn
CreateFontIndirectA
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
CreateDIBitmap
GetTextExtentPointA
CreateRectRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
GetTextMetricsA
BitBlt
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
StartDocA
CreateRectRgnIndirect
GetCharWidthA
DeleteObject
StretchDIBits
DeleteDC
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Rectangle
CreateHatchBrush
Ellipse
CreateDIBSection
GetObjectA
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontA
CreateSolidBrush
SelectObject
GetStockObject
ScaleViewportExtEx
comdlg32
CommDlgExtendedError
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
PrintDlgA
ChooseColorA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCreateKeyExA
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
CryptDestroyKey
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
CryptCreateHash
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
ShellExecuteA
ExtractIconA
comctl32
ord17
oledlg
ord8
ole32
OleIsCurrentClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
olepro32
ord253
oleaut32
SysStringLen
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
wldap32
ord27
ord46
ord32
ord200
ord301
ord26
ord50
ord60
ord143
ord211
ord33
ord79
ord30
ord41
ord22
ord35
ws2_32
getsockopt
ntohs
getpeername
getsockname
recv
send
setsockopt
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
connect
WSAIoctl
bind
htons
closesocket
socket
inet_ntoa
htonl
gethostbyname
inet_addr
getservbyname
gethostbyaddr
getservbyport
sendto
recvfrom
listen
accept
ioctlsocket
gethostname
select
Sections
.text Size: 536KB - Virtual size: 535KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 372KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ