Behavioral task
behavioral1
Sample
871588a9ecd1c56ba0dbb129b48537a292052dd3c4c7aeae62d50d8fa69c2dff.exe
Resource
win7-20240708-en
windows7-x64
General
-
Target
871588a9ecd1c56ba0dbb129b48537a292052dd3c4c7aeae62d50d8fa69c2dff
-
Size
1.4MB
-
MD5
22e33a7979b62193076f120a97b4af66
-
SHA1
a9016a2811f440406eba4352a6ee2f10a07e10fc
-
SHA256
871588a9ecd1c56ba0dbb129b48537a292052dd3c4c7aeae62d50d8fa69c2dff
-
SHA512
49cfb32f2e29fd917977f0c8a2672c925d733d417ae5137c3de32ab77741aa166b0214910c23a702234fbc7f7d5264154c41d0fabd921126b621614b8ee39b79
-
SSDEEP
6144:IIzeqel7oe4nmOXouZq2IzRq5ppFIztKXJa5Ga:m7oe4nmqWKZaL
Malware Config
Signatures
Files
-
871588a9ecd1c56ba0dbb129b48537a292052dd3c4c7aeae62d50d8fa69c2dff.exe windows:4 windows x86 arch:x86
dcc128c8aaa5cc74e65789d5578d4ac2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAllocEx
GetModuleHandleA
GetLastError
OpenThread
GlobalSize
OutputDebugStringA
EncodePointer
GlobalFindAtomW
GetFileSize
LockFile
UnlockFile
lstrcmpiW
GetStringTypeExW
GetThreadLocale
lstrcmpA
GetProfileIntW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
FindResourceExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetSystemDefaultUILanguage
GlobalFlags
SetErrorMode
GetWindowsDirectoryW
SearchPathW
UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
SetThreadContext
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
SuspendThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileExW
GetConsoleCP
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
GetOEMCP
IsValidCodePage
HeapQueryInformation
SetStdHandle
ExitProcess
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
SizeofResource
GetThreadContext
CreateToolhelp32Snapshot
ResumeThread
Thread32First
Thread32Next
HeapCreate
InterlockedCompareExchange
GetProcessAffinityMask
GetShortPathNameW
GetLongPathNameW
RemoveDirectoryW
OutputDebugStringW
TryEnterCriticalSection
GetExitCodeThread
CreateHardLinkW
MoveFileW
SetFileAttributesW
GetSystemDirectoryW
GetConsoleMode
GetSystemTime
TzSpecificLocalTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetFileType
GetFileTime
SetFileTime
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetStdHandle
IsDBCSLeadByte
GetCPInfo
CompareStringW
FoldStringW
AreFileApisANSI
DebugBreak
IsDBCSLeadByteEx
LocalAlloc
IsBadWritePtr
IsBadReadPtr
GlobalGetAtomNameW
FormatMessageW
FlushInstructionCache
QueryPerformanceCounter
QueryPerformanceFrequency
lstrlenW
SetThreadPriority
GetCurrentThread
GetThreadPriority
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
lstrcmpW
InterlockedDecrement
InterlockedIncrement
GetNumberFormatW
SetLastError
IsWow64Process
GetVersionExW
GetFileAttributesW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
LoadLibraryA
GetSystemDirectoryA
CreateMutexA
GetModuleFileNameA
FormatMessageA
QueueUserWorkItem
GetStringTypeW
LCMapStringW
LockResource
LoadResource
FindResourceW
CreateProcessW
FreeEnvironmentStringsW
GetEnvironmentStringsW
DuplicateHandle
CreatePipe
TerminateProcess
CreateThread
GetVolumeInformationW
GetTempFileNameW
DecodePointer
RaiseException
GetUserDefaultUILanguage
ReadDirectoryChangesW
GetOverlappedResult
CancelIo
GetACP
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesExW
GlobalDeleteAtom
GlobalAddAtomW
ReleaseMutex
CreateMutexW
SetCurrentDirectoryW
HeapSetInformation
SetDllDirectoryW
DeviceIoControl
GetTempPathW
CreateFileA
IsDebuggerPresent
DeleteFileW
CopyFileW
SleepEx
HeapReAlloc
HeapSize
GetProcAddress
HeapDestroy
HeapFree
GetProcessHeap
HeapAlloc
FreeResource
SetUnhandledExceptionFilter
GetModuleFileNameW
GetDriveTypeW
LocalFree
GetLocaleInfoA
GetCurrentDirectoryW
FindNextFileW
GetDiskFreeSpaceExW
FindClose
FindFirstFileW
SetSystemPowerState
SetThreadExecutionState
GetLocaleInfoW
TerminateThread
WaitForSingleObject
WriteFile
GetTickCount
MulDiv
ResetEvent
SetEvent
CreateEventW
CreateDirectoryW
Sleep
GetLocalTime
GetCurrentProcessId
CreateFileW
ReadFile
SetFilePointerEx
GetFileSizeEx
InitializeCriticalSection
CloseHandle
LoadLibraryExW
GetCurrentThreadId
WideCharToMultiByte
GetUserDefaultLCID
InterlockedExchange
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
GetFullPathNameW
GetCurrentProcess
SetPriorityClass
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
GetModuleHandleW
user32
LoadIconA
CharNextA
UnhookWinEvent
GetWindowThreadProcessId
DeleteMenu
LoadCursorFromFileW
DlgDirSelectExW
SetWindowWord
LoadKeyboardLayoutA
FindWindowExW
SetUserObjectInformationA
OemToCharW
GetMenuDefaultItem
DdeSetUserHandle
MapVirtualKeyW
GetKeyNameTextW
CharNextW
MapDialogRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextW
WaitMessage
SendDlgItemMessageA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetWindowTextW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
IsWindowEnabled
GetNextDlgTabItem
WinHelpW
SetScrollInfo
GetLastActivePopup
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetMenu
SetFocus
IsChild
GetClassInfoExW
GetClassInfoW
GetMenuState
GetMenuStringW
GetIconInfo
wsprintfW
SetWindowRgn
GetScrollInfo
GetClassLongW
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvertRect
DrawTextExW
GetMenu
CreateDialogIndirectParamW
EndDialog
DialogBoxParamW
CharUpperW
CharLowerW
CharToOemBuffW
OemToCharA
CharToOemA
OemToCharBuffA
CharLowerBuffW
DestroyWindow
RegisterClassW
GetAsyncKeyState
GetQueueStatus
wsprintfA
DestroyMenu
IsClipboardFormatAvailable
GetMessageW
SetParent
UnregisterClassW
SetProcessDefaultLayout
SendNotifyMessageW
GetMessagePos
EnumDisplayDevicesW
RedrawWindow
SetPropW
GetDlgCtrlID
TranslateMessage
GetDlgItemTextW
SetWindowPos
MoveWindow
CreateWindowExW
CallWindowProcW
IntersectRect
UnregisterHotKey
RegisterHotKey
RegisterRawInputDevices
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetRawInputData
SetWindowPlacement
GetWindowPlacement
ShowWindow
AllowSetForegroundWindow
DefWindowProcW
LockWindowUpdate
MsgWaitForMultipleObjectsEx
SetClassLongW
GetDoubleClickTime
TrackMouseEvent
GetClassNameW
EnumDisplayMonitors
CallNextHookEx
DispatchMessageW
GetMessageTime
SetWindowsHookExW
UnhookWindowsHookEx
EqualRect
MonitorFromRect
DestroyIcon
FindWindowW
MsgWaitForMultipleObjects
CheckMenuItem
AppendMenuW
RemoveMenu
CreatePopupMenu
ChangeDisplaySettingsExW
EnumDisplaySettingsW
IsMenu
MessageBeep
CheckMenuRadioItem
SetWindowLongW
SetRectEmpty
InsertMenuW
EnableMenuItem
SetMenuItemInfoW
GetMenuItemInfoW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetSystemMenu
SetWindowContextHelpId
ShowOwnedPopups
SetLayeredWindowAttributes
CopyImage
RealChildWindowFromPoint
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawStateW
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetMenuItemID
GetMenuItemCount
LockWorkStation
ExitWindowsEx
SystemParametersInfoW
GetActiveWindow
GetTopWindow
GetForegroundWindow
MonitorFromPoint
GetMonitorInfoW
GetWindowLongW
AdjustWindowRectEx
GetMenuItemRect
GetSubMenu
SetForegroundWindow
IsIconic
GetKeyboardLayout
GetKeyboardState
NotifyWinEvent
SetCursorPos
EnableScrollBar
HideCaret
CopyIcon
DrawIcon
SetMenuDefaultItem
ModifyMenuW
IsCharLowerW
MapVirtualKeyExW
CharUpperBuffW
UpdateLayeredWindow
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
GetComboBoxInfo
DestroyCursor
TrackPopupMenu
PostThreadMessageW
LoadMenuW
RegisterWindowMessageW
PostQuitMessage
GetFocus
GetAncestor
GetCapture
IsZoomed
RegisterClipboardFormatW
MessageBoxW
GetKeyState
GetSysColorBrush
GetCursorPos
DrawFrameControl
OffsetRect
ReleaseCapture
WindowFromPoint
ScreenToClient
ClientToScreen
SetCapture
FrameRect
FillRect
CopyRect
MonitorFromWindow
ReleaseDC
GetDC
SetTimer
KillTimer
PeekMessageW
UpdateWindow
SetActiveWindow
GetDesktopWindow
SetRect
UnionRect
SetCursor
GetSysColor
GetDlgItem
LoadIconW
PtInRect
GetSystemMetrics
InflateRect
GetWindowRect
IsRectEmpty
InvalidateRect
IsWindow
PostMessageW
MapWindowPoints
GetClientRect
IsWindowVisible
GetWindow
LoadCursorW
CreateAcceleratorTableW
DestroyAcceleratorTable
CloseClipboard
SetClipboardData
EmptyClipboard
GetParent
OpenClipboard
LoadImageW
SendMessageW
EnableWindow
ChangeDisplaySettingsExA
GetDCEx
gdi32
GetStockObject
RealizePalette
DrawEscape
XLATEOBJ_piVector
PATHOBJ_bEnumClipLines
FONTOBJ_vGetInfo
SetColorAdjustment
GetNearestColor
CreateEllipticRgnIndirect
SetVirtualResolution
PATHOBJ_vEnumStartClipLines
GetCharABCWidthsW
GdiDescribePixelFormat
GetPaletteEntries
CopyMetaFileW
FONTOBJ_cGetGlyphs
SetMetaRgn
ColorCorrectPalette
GetEnhMetaFilePixelFormat
EndDoc
EudcUnloadLinkW
GetROP2
GetPolyFillMode
DeleteMetaFile
GdiConvertMetaFilePict
GdiEntry4
GdiEndDocEMF
GdiSwapBuffers
GetBitmapBits
GetDCPenColor
GdiDeleteSpoolFileHandle
PatBlt
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectPalette
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ExtTextOutW
SetWindowExtEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
DPtoLP
GetBkColor
SetRectRgn
StretchDIBits
CreateDIBitmap
GetTextCharsetInfo
GetRgnBox
CreateEllipticRgn
Ellipse
Polygon
Polyline
CreateRoundRectRgn
CreatePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
PtInRegion
GetViewportExtEx
SetPixelV
GetTextFaceW
OffsetRgn
GdiFlush
OffsetViewportOrgEx
SelectClipRgn
AbortPath
GetPath
EndPath
CloseFigure
BeginPath
SetMapMode
AddFontResourceW
GetICMProfileW
TextOutW
SetTextColor
SetBkColor
GetCurrentObject
TranslateCharsetInfo
EnumFontFamiliesExW
CreateFontW
EqualRgn
CombineRgn
CreateRectRgn
GetRegionData
EnumFontFamiliesW
GetTextMetricsW
GetTextColor
ExtSelectClipRgn
CreateRectRgnIndirect
SetPixel
SetBkMode
CreateFontIndirectW
SetViewportExtEx
SetViewportOrgEx
CreateDCW
SetDIBColorTable
CreateCompatibleBitmap
CreateBitmap
LineTo
MoveToEx
CreateSolidBrush
GetTextExtentPoint32W
GetDeviceCaps
Rectangle
DeleteObject
GetObjectW
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
CreatePolygonRgn
GetPixel
GetWindowOrgEx
GetViewportOrgEx
FillRgn
CreateDIBSection
SelectObject
DeleteDC
CreateCompatibleDC
SetStretchBltMode
StretchBlt
GetCharWidthW
CreatePen
BitBlt
advapi32
RegOpenKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
CryptHashData
CryptDestroyHash
ControlService
QueryServiceStatusEx
CryptCreateHash
RegQueryValueExW
CryptReleaseContext
OpenServiceW
OpenSCManagerW
DeleteService
CryptAcquireContextW
CloseServiceHandle
CryptGetHashParam
RegSetValueW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyW
SetFileSecurityW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
RegSetValueA
RegQueryValueW
RegQueryValueA
RegOpenKeyA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA
shell32
ShellHookProc
SHGetDesktopFolder
SHIsFileAvailableOffline
SHQueryRecycleBinW
SHGetMalloc
ShellExecuteW
SHChangeNotify
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAddToRecentDocs
ExtractIconExW
SHGetFolderPathW
ShellExecuteExW
SHParseDisplayName
SHOpenFolderAndSelectItems
SHFileOperationW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHAppBarMessage
ExtractIconW
ole32
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
CoRevokeClassObject
CoRegisterMessageFilter
IsAccelerator
OleTranslateAccelerator
CoUninitialize
CoInitialize
CoWaitForMultipleHandles
CreateItemMoniker
GetRunningObjectTable
CLSIDFromString
MkParseDisplayName
CreateBindCtx
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleLockRunning
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CoCreateGuid
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleDuplicateData
CoFreeUnusedLibraries
CoInitializeEx
OleUninitialize
StringFromGUID2
PropVariantClear
StringFromCLSID
OleSaveToStream
shlwapi
PathRenameExtensionW
PathStripPathW
PathRemoveFileSpecW
StrFormatByteSizeW
PathFindExtensionW
PathSkipRootW
PathRemoveExtensionW
PathMakePrettyW
PathIsDirectoryW
PathCombineW
PathAddExtensionW
PathAddBackslashW
StrCmpLogicalW
SHCopyKeyW
PathFileExistsW
StrRetToStrW
PathAppendW
PathCompactPathW
PathRelativePathToW
PathCanonicalizeW
PathRemoveBackslashW
PathIsRelativeW
PathIsPrefixW
PathIsUNCW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
StrFormatKBSizeW
comctl32
ImageList_Remove
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_AddMasked
ImageList_Draw
ImageList_Add
_TrackMouseEvent
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetImageInfo
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 293B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text11 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text10 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text9 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text8 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text7 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text6 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text5 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text4 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.text3 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data3 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ