Static task: static1
Behavioral task: behavioral1
  Sample: dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d.exe
  Resource: win10v2004-20241007-en
General
Target: dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d.exe
Size: 237KB
MD5: e0617b93f77542ffa4ec38181c7f5160
SHA1: 9d7597fa7cd0ae399dc51356d836c8fb301160fb
SHA256: dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d
SHA512: 2e7b01e593db7887a07af1eaff058305e866ca4c59d9e754063c2862dd3695af65a91319b8f32a4eef59d58a9bee4b0c566df3fcb206d2b3e65b19a045af937b
SSDEEP: 6144:NA2P27yTAnKGw0hjFhSR/W1nyAJ9v0pMtRCpYQ:NATuTAnKGwUAWVycQqgD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d.exe
Files
-
dcc5d0c9c2f599beb484978d679a31794c44b611b7ba6586ebf5357f9d9c7a4d.exe.exe windows:5 windows x86 arch:x86
eb29527bc4a3140f4ce75eb5d2954101
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_UP_SYSTEM_ONLY
Imports
kernel32
lstrcpyA
CloseHandle
CreateFileW
FlushFileBuffers
LCMapStringW
GetStringTypeW
SetStdHandle
RtlUnwind
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
SetFilePointer
WriteFile
OpenEventW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
HeapValidate
GetModuleFileNameW
EncodePointer
DecodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
FillConsoleOutputAttribute
FindFirstChangeNotificationA
GetModuleHandleA
GetSystemInfo
FindNextChangeNotification
LockResource
GetConsoleScreenBufferInfo
GetPrivateProfileStringA
GetLastError
FillConsoleOutputCharacterA
GetStdHandle
SetCurrentDirectoryA
lstrlenW
MultiByteToWideChar
SetConsoleCursorPosition
HeapCreate
CreateEventA
SizeofResource
ReadConsoleInputA
WideCharToMultiByte
FindResourceExA
FlushConsoleInputBuffer
HeapSetInformation
GetCommandLineA
FindCloseChangeNotification
WaitForSingleObject
GetCurrentProcess
HeapAlloc
LoadResource
lstrlenA
SetLastError
RaiseException
user32
GetWindow
MoveWindow
CheckMenuItem
EndPaint
DestroyWindow
EnumDisplayMonitors
GetSystemMenu
SetTimer
ScreenToClient
GetWindowRect
RegisterClassExA
PostQuitMessage
SendDlgItemMessageA
GetWindowDC
IsIconic
FillRect
KillTimer
GetSubMenu
DrawIconEx
LoadBitmapA
GetParent
LoadIconA
wsprintfA
DrawIcon
FindWindowExA
GetClientRect
ExitWindowsEx
SetFocus
SendMessageA
BeginPaint
GetIconInfo
GetDC
TranslateMessage
GetMenu
SetRect
SetWindowLongA
MessageBoxA
UnionRect
InvalidateRect
UnregisterClassA
CreateWindowExA
PeekMessageA
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
GetDesktopWindow
GetSysColor
SetWindowPos
GetMenuItemInfoA
CheckDlgButton
ShowWindow
IsDlgButtonChecked
IsWindow
DispatchMessageA
MessageBoxW
SystemParametersInfoA
GetSystemMetrics
SetWindowTextA
LoadImageA
UpdateWindow
LoadCursorA
SetDlgItemTextA
gdi32
BitBlt
PatBlt
GetTextExtentPoint32A
DeleteDC
CreateDIBSection
CreateFontIndirectA
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
CreateCompatibleBitmap
CreatePen
GetObjectA
GetStockObject
CreateSolidBrush
advapi32
RegCreateKeyA
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
shell32
SHGetFolderPathW
ord727
SHGetFileInfoW
SHGetMalloc
SHGetFolderLocation
SHGetFolderPathA
SHGetDesktopFolder
ole32
CoInitialize
CoUninitialize
CoCreateInstance
odbc32
ord41
shlwapi
StrRetToBufA
PathCompactPathA
comctl32
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Add
activeds
ord17
secur32
InitSecurityInterfaceA
Sections
.text Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.htext Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE