Static task
static1
Behavioral task
behavioral1
Sample
901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545N.exe
Resource
win10v2004-20241007-en
General
Target
901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545N.exe
Size
458KB
MD5
c55ea95b42d4d57f78f5d46b8ab28510
SHA1
d588d8a5bdb48e1efefae839d314c4dde6ffa793
SHA256
901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545
SHA512
9881bfca2548f53bbb130c79354e579c1579df2eafb5281fc026044626d7621c8483e15d2dc788555c21d0bdbd70aff94427213378f59f93fe74f9d4489ecbbb
SSDEEP
12288:CSj54Pm9zby3Wlu6IzDNzjLByKJrMZjOUSOI60:ttyavWMu6ItzJyurMZzN
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545N.exe
Files
901f507f15753ef74c63ae137017d61e13976218a2543eeb1456079c3a2b2545N.exe.exe windows:5 windows x86 arch:x86
30917d501df94f4cc6b4fe22ac67ca9e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyExA
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumValueW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
user32
UnhookWindowsHookEx
SetPropW
FindWindowExW
GetDlgItemTextW
GetPropW
CallNextHookEx
RegisterWindowMessageA
GetDlgItem
MsgWaitForMultipleObjects
SendDlgItemMessageW
DestroyWindow
TranslateAcceleratorW
SetCursor
DestroyMenu
GetDlgItemInt
CopyRect
LoadCursorW
GetSystemMenu
GetWindowLongA
DrawEdge
EqualRect
GetKeyboardLayout
DialogBoxIndirectParamW
IntersectRect
RemovePropW
IsWindowVisible
CreatePopupMenu
GetWindowTextW
DrawFocusRect
MapWindowPoints
MessageBeep
ShowCursor
GetWindowLongW
DlgDirListW
CharLowerW
PostMessageW
WinHelpW
CreateDialogIndirectParamW
CharPrevW
CheckRadioButton
IsWindowEnabled
GetWindowRect
SetWindowPlacement
DeferWindowPos
GetWindowTextLengthW
EnumChildWindows
GetWindow
GetWindowPlacement
LoadImageW
ScreenToClient
EndDialog
TranslateMessage
EndPaint
SetDlgItemTextA
CharNextW
LoadAcceleratorsW
SetDlgItemInt
CreateDialogIndirectParamA
BeginPaint
SetFocus
FrameRect
GetDialogBaseUnits
SetWindowTextW
GrayStringW
DrawIcon
DialogBoxIndirectParamAorW
GetDC
ClipCursor
ShowWindow
SetWindowLongW
LockWindowUpdate
DrawTextW
ValidateRect
MoveWindow
LoadIconW
CharNextA
RegisterWindowMessageW
CallWindowProcW
RegisterClipboardFormatW
InvalidateRect
EnableWindow
CreateWindowExW
SetParent
FillRect
IsWindow
BeginDeferWindowPos
SetDlgItemTextW
ReleaseDC
GetDlgItemTextA
SetWindowsHookExW
LoadStringW
SetTimer
EndDeferWindowPos
SetCapture
RedrawWindow
CheckDlgButton
KillTimer
ChildWindowFromPoint
DispatchMessageW
GetSysColorBrush
InflateRect
UpdateWindow
IsDlgButtonChecked
CreateDialogIndirectParamAorW
DeleteMenu
GetClientRect
GetKeyState
GetParent
SendMessageW
PeekMessageW
GetSystemMetrics
DefWindowProcW
PtInRect
GetFocus
SetWindowPos
GetSysColor
GetLastActivePopup
MessageBoxW
GetDlgCtrlID
kernel32
GetProcessVersion
CreateFileW
FindResourceW
ResetEvent
GetCurrentProcessId
TlsSetValue
GetSystemTimeAsFileTime
lstrcpyA
lstrlenW
InterlockedDecrement
GetCurrentThreadId
GetVersionExA
SizeofResource
CloseHandle
DeleteCriticalSection
LocalFree
GetModuleHandleW
GetFileAttributesW
SetUnhandledExceptionFilter
GetProcAddress
CreateEventW
SetEvent
FindNextFileW
FindClose
LockResource
DisableThreadLibraryCalls
GetProfileStringW
GetUserDefaultLCID
WideCharToMultiByte
FreeLibraryAndExitThread
SetErrorMode
GetLastError
SetLastError
InterlockedIncrement
lstrcmpW
LoadLibraryW
GetDriveTypeW
FormatMessageW
FindFirstFileW
MultiByteToWideChar
GetShortPathNameW
FindResourceExW
VirtualAllocEx
UnhandledExceptionFilter
Sleep
GlobalFree
FindResourceA
DeleteFileW
GetSystemDefaultUILanguage
ExpandEnvironmentStringsW
GetTickCount
InterlockedCompareExchange
QueryPerformanceCounter
SetCurrentDirectoryW
lstrcpynW
lstrcmpiW
GlobalAlloc
TlsGetValue
LocalReAlloc
GetVolumeInformationW
GetACP
GlobalUnlock
GetModuleHandleA
DelayLoadFailureHook
GlobalLock
GlobalReAlloc
FreeLibrary
GetFullPathNameW
GetCurrentProcess
TerminateProcess
lstrlenA
GetModuleFileNameW
InterlockedExchange
TlsAlloc
LoadLibraryA
LoadResource
GetTempFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateThread
lstrcpyW
GetLocaleInfoW
MulDiv
GetCurrentDirectoryW
WaitForSingleObject
TlsFree
LocalAlloc
ws2_32
getnameinfo
WSAEventSelect
WSALookupServiceEnd
WSAIoctl
WSASocketW
getaddrinfo
WSAAddressToStringW
WSALookupServiceNextW
WSAAddressToStringA
WSASendTo
WSAStringToAddressA
WSALookupServiceBeginW
freeaddrinfo
WSARecvFrom
dnsapi
DnsReplaceRecordSetW
ntdll
wcslen
NtQueryVirtualMemory
RtlUnicodeStringToAnsiString
RtlAnsiStringToUnicodeString
RtlInitUnicodeStringEx
memmove
RtlUnwind
_chkstk
_vsnwprintf
RtlUnicodeToMultiByteSize
_wcsicmp
RtlIsNameLegalDOS8Dot3
mswsock
GetAcceptExSockaddrs
AcceptEx
ole32
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
gdi32
CreateCompatibleDC
SetMapMode
CreateRectRgnIndirect
LineTo
GetNearestColor
GetObjectW
SetWindowExtEx
ExtTextOutW
CreateDCW
Rectangle
SelectClipRgn
GetCharWidth32W
GetMapMode
GetStockObject
DeleteObject
CreateCompatibleBitmap
MoveToEx
GetTextMetricsW
TextOutW
CreatePen
GetTextCharsetInfo
SetViewportExtEx
TranslateCharsetInfo
SetTextColor
SetBkColor
GetTextExtentPointW
SetBkMode
GetWindowExtEx
GetTextCharset
CreateDiscardableBitmap
ExcludeClipRect
CreateFontIndirectW
EnumFontFamiliesExW
CreateFontW
SelectPalette
CreateSolidBrush
SelectObject
CreateDIBitmap
RealizePalette
PatBlt
BitBlt
GetDeviceCaps
DeleteDC
CreateICW
GetViewportExtEx
comctl32
ImageList_Destroy
PropertySheetW
ImageList_Draw
CreatePropertySheetPageW
CreateToolbarEx
InitCommonControlsEx
ImageList_GetIconSize
Sections
.text Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 405KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE