Static task
static1
Behavioral task
behavioral1
Sample
7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba.exe
Resource
win10v2004-20241007-en
General
-
Target
7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba
-
Size
8.7MB
-
MD5
691c4944273ebdee88b7819b033b9dab
-
SHA1
e1b12c305c442ef82ebbeea652fc25bc819b1c15
-
SHA256
7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba
-
SHA512
dc532cab6157f652ae6d0c8179f034a7306d88aa374078c461abff1156cacce8e50595d426ef577872ea463cd87558403e24d027e718e88e4fd869a4ce2746ec
-
SSDEEP
98304:oRNjkDuX7yiWmcTYuVEWilcuiKS6m4goQ1K5O/i37fkQOsjj3FVz6JT4hQ5jFLp2:oRNoD1iET3mO/irpv1tvC5LpVO8g
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample's PE image matched, i.e. it carries no Authenticode signature.
resource 7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba
Files
-
7100af497cdd8e133de63917b8d9ecffadb241e7f681c8cdae02bffbf269f2ba.exe windows:5 windows x86 arch:x86
450bb1fbb4effde3b036914d2b595d0f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
LoadLibraryExW
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStructW
LocalFileTimeToFileTime
GetCurrentProcessId
SetErrorMode
FlushViewOfFile
CreateMutexW
CreateFileMappingW
FindFirstFileW
InterlockedDecrement
GetModuleFileNameW
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
CreateIoCompletionPort
GetQueuedCompletionStatus
ResumeThread
CreateProcessW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
CreateRemoteThread
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
HeapAlloc
HeapFree
GetProcessHeap
lstrcatW
GetTempFileNameW
OpenMutexW
GetCurrentThreadId
VirtualProtect
WaitForMultipleObjects
GetSystemTime
InterlockedPopEntrySList
FlushFileBuffers
MultiByteToWideChar
GetDriveTypeW
GetExitCodeProcess
GetFileAttributesW
MoveFileExW
OutputDebugStringW
VirtualAlloc
MoveFileW
SetFileTime
WriteConsoleW
GetFileTime
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrentThread
FreeLibraryAndExitThread
ExitThread
ReadConsoleW
GetConsoleMode
GetConsoleCP
SetStdHandle
GetFileType
lstrcpynW
SetEnvironmentVariableA
GetACP
GetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
ReplaceFileA
MoveFileA
SetFilePointerEx
RemoveDirectoryA
GetFileAttributesExA
FindNextFileA
FindFirstFileA
CreateDirectoryA
InitializeCriticalSection
AreFileApisANSI
HeapCreate
InterlockedCompareExchange
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
LoadLibraryA
GetVersionExA
HeapReAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSizeEx
SetFileAttributesW
FormatMessageW
SystemTimeToFileTime
FreeEnvironmentStringsW
OutputDebugStringA
GetComputerNameW
GetFullPathNameW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetLongPathNameW
QueryPerformanceFrequency
QueryPerformanceCounter
RemoveDirectoryW
QueryDosDeviceW
LoadLibraryW
GetLogicalDriveStringsW
DuplicateHandle
TerminateThread
FreeLibrary
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFree
LocalAlloc
GetSystemInfo
GetProcAddress
FindFirstFileExW
SetFilePointer
SetEndOfFile
DeleteFileW
ReadFile
GetFileSize
WideCharToMultiByte
DeleteFileA
CreateFileA
WriteFile
SetLastError
GetVolumeInformationW
FindNextFileW
lstrcmpW
FindClose
FormatMessageA
UnmapViewOfFile
SetVolumeLabelW
GetTempPathW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LCMapStringW
UnregisterWaitEx
QueryDepthSList
ReleaseSemaphore
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
CompareStringW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
GetNumberFormatW
FindResourceW
SizeofResource
LoadResource
LockResource
GetModuleHandleA
GetLogicalDrives
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
OpenFileMappingW
MapViewOfFile
CreateFileW
DeviceIoControl
TerminateProcess
OpenProcess
GetVersionExW
CreateDirectoryW
CreateEventW
lstrlenW
GetLocalTime
CloseHandle
Sleep
WaitForSingleObject
ResetEvent
SetEvent
GetLastError
CreateThread
SetPriorityClass
SetThreadPriority
GetCurrentProcess
FlushInstructionCache
LoadLibraryExA
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
user32
DefWindowProcW
RegisterClassExW
CreateWindowExW
IsIconic
SetTimer
KillTimer
RegisterWindowMessageW
EnableMenuItem
SetMenuDefaultItem
SetActiveWindow
PtInRect
TrackMouseEvent
SetCapture
GetClipboardData
CloseClipboard
OpenClipboard
SetCursor
GetSystemMetrics
SystemParametersInfoW
ReleaseDC
GetDC
LoadCursorW
GetWindowThreadProcessId
ExitWindowsEx
EmptyClipboard
EnumDisplaySettingsW
EnumDisplayDevicesW
DestroyMenu
GetKeyState
SetForegroundWindow
GetWindowRect
GetCursorPos
GetWindowLongW
SetWindowLongW
ReleaseCapture
ClientToScreen
UnregisterClassW
UpdateLayeredWindow
GetMenuStringW
FindWindowW
DestroyIcon
LoadStringW
wsprintfW
DestroyWindow
mouse_event
ShowCursor
SetCursorPos
GetActiveWindow
ShowWindow
FindWindowExW
SendMessageTimeoutW
GetPropW
GetDesktopWindow
GetSystemMenu
CreatePopupMenu
AppendMenuW
TrackPopupMenu
BeginPaint
EndPaint
SetClipboardData
LoadIconW
SetPropW
DispatchMessageW
TranslateMessage
GetClassNameW
EnumWindows
EnumChildWindows
GetParent
IsWindowVisible
IsWindow
SendMessageW
PeekMessageW
MoveWindow
IsWindowEnabled
EnableWindow
EndDialog
IsZoomed
SetWindowPlacement
GetWindowPlacement
UnregisterHotKey
RegisterHotKey
SetFocus
GetWindow
GetIconInfo
SetWindowPos
PostQuitMessage
GetMessageW
MessageBoxW
PostMessageW
gdi32
CreateCompatibleDC
GetObjectW
DeleteObject
EnumFontFamiliesW
SelectObject
CreateDIBSection
DeleteDC
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
AllocateAndInitializeSid
CryptReleaseContext
CryptAcquireContextA
DuplicateTokenEx
CreateProcessAsUserW
EqualSid
SetTokenInformation
CredEnumerateW
CredDeleteW
CredFree
RegCloseKey
RegCreateKeyW
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegSetValueExW
RegEnumKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExW
OpenEventLogW
CloseEventLog
ClearEventLogW
GetUserNameW
GetTokenInformation
RegSetKeySecurity
RegGetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAce
InitializeAcl
GetLengthSid
FreeSid
CryptGenRandom
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
ConvertStringSidToSidW
RegUnLoadKeyW
RegLoadKeyW
LookupPrivilegeValueW
LookupAccountNameW
AdjustTokenPrivileges
OpenProcessToken
RegDeleteKeyW
shell32
ShellExecuteW
ShellExecuteExW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHFileOperationW
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetFolderPathW
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHAddToRecentDocs
ExtractIconExW
SHGetFileInfoW
ole32
StgIsStorageFile
StgOpenStorageEx
CoSetProxyBlanket
CoInitialize
OleRegGetUserType
CLSIDFromString
OleUninitialize
OleInitialize
PropVariantClear
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
oleaut32
VariantClear
VariantInit
VariantTimeToSystemTime
SysFreeString
SysAllocString
gdiplus
GdipAlloc
GdipFree
GdipCreatePath
GdipDeleteBrush
GdipCreatePathGradientFromPath
GdipDeletePath
GdipCloneBrush
GdipResetPath
GdiplusStartup
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipSetTextRenderingHint
GdipMeasureString
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipClosePathFigure
GdipAddPathPolygonI
GdipGetFontHeightGivenDPI
GdipSetPenDashArray
GdipCreateTexture
GdipCreateSolidFill
GdipCreateLineBrushI
GdipDrawString
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipDeleteFont
GdipCreateRegion
GdipGetImageHeight
GdipDrawImageI
GdipBitmapSetResolution
GdipCreateBitmapFromScan0
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAddPathRectangleI
GdipAddPathLineI
GdipAddPathArcI
GdipCreateLineBrush
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateMatrix
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipSetImageAttributesGamma
GdipSetSmoothingMode
GdipSetWorldTransform
GdipTranslateWorldTransform
GdipGetDpiX
GdipGetDpiY
GdipDrawLine
GdipDrawRectangle
GdipGraphicsClear
GdipFillRectangle
GdipFillRectangleI
GdipFillPath
GdipDrawImage
GdipDrawImageRect
GdipDrawImagePointRectI
GdipDrawImageRectRect
GdipSetClipRectI
GdipSetClipPath
GdipSetClipRegion
GdipGetClip
GdipGetRegionBounds
GdipGetRegionScansCount
GdipGetRegionScansI
GdipMeasureCharacterRanges
GdipCloneStringFormat
GdipSetStringFormatTabStops
GdipSetStringFormatMeasurableCharacterRanges
GdipSetPenColor
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetPathGradientFocusScales
GdipSetPathGradientPresetBlend
GdipGetImageWidth
GdipDeleteRegion
GdipAddPathPieI
sfc
SfcIsFileProtected
ntdll
NtTerminateProcess
NtWriteVirtualMemory
esent
JetMove
JetRetrieveColumn
JetTerm
JetDelete
JetCloseTable
JetCloseDatabase
JetEndSession
JetInit2
wininet
InternetOpenUrlW
InternetReadFileExA
InternetReadFileExW
InternetSetStatusCallbackW
HttpQueryInfoW
InternetCloseHandle
InternetGetConnectedState
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
FindCloseUrlCache
InternetOpenW
InternetCheckConnectionW
crypt32
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptQueryObject
CryptMsgClose
CryptDecodeObject
CryptMsgGetParam
netapi32
NetUserEnum
NetApiBufferFree
shlwapi
SHDeleteValueW
SHDeleteKeyW
PathGetDriveNumberW
PathCanonicalizeW
PathIsNetworkPathW
PathFindExtensionW
PathIsRelativeW
SHStrDupW
PathMatchSpecA
PathStripPathW
PathMatchSpecW
PathFileExistsW
PathIsDirectoryW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
comctl32
InitCommonControlsEx
psapi
EnumProcesses
GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules
winmm
timeGetTime
Sections
.text Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 823KB - Virtual size: 823KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 107KB - Virtual size: 451KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ