D:\RXSCADA\MODULES\sys1.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3ac11012aae6ee127b637a5cab667fff70d54d7ff31a7beb998e65340e5fba34.exe
Resource
win7-20241010-en
General
-
Target
3ac11012aae6ee127b637a5cab667fff70d54d7ff31a7beb998e65340e5fba34
-
Size
8.0MB
-
MD5
27038a95bd4709a40755ae920e606b03
-
SHA1
6c5586ff2404b8ea37e5b3ac8ead7b778a6f2d9a
-
SHA256
3ac11012aae6ee127b637a5cab667fff70d54d7ff31a7beb998e65340e5fba34
-
SHA512
bc108a0f98ab58e77dced11492e880a36ea3578c2c910c759e557a9bae4ff309df2f4b477ce9c8d88d3d3b760ab870a38faf072b61294c79d815fb3e5856fa64
-
SSDEEP
49152:dc75uCs+mC5d9CjZPl+jD63UxrWvNE+XJmJO5byML3GtHsEO+rTBtAYc1wxWRmri:dc77HBAdZN1fyMWzYZ/XOr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 3ac11012aae6ee127b637a5cab667fff70d54d7ff31a7beb998e65340e5fba34
Files
-
3ac11012aae6ee127b637a5cab667fff70d54d7ff31a7beb998e65340e5fba34.exe windows:5 windows x86 arch:x86
0ae0f3a1f584f71d1a0cc14c99a8c7d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
SetEnvironmentVariableA
CreateFileW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
HeapQueryInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
CreateSemaphoreW
GetStartupInfoW
TerminateProcess
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
WaitForSingleObjectEx
SetConsoleCtrlHandler
FatalAppExitA
WriteConsoleW
OutputDebugStringW
GetStdHandle
GetFileType
SetStdHandle
ExitThread
AreFileApisANSI
ExitProcess
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapValidate
GetCommandLineA
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
GetModuleHandleExW
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetTickCount
GetUserDefaultLCID
ReplaceFileA
GetTempFileNameA
GetDiskFreeSpaceA
GetWindowsDirectoryA
FindResourceExW
CreateSemaphoreA
ReleaseMutex
ReleaseSemaphore
GetCurrentDirectoryA
SetFileTime
SetFileAttributesA
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetStringTypeExA
GetVolumeInformationA
MoveFileA
lstrcmpiA
GetShortPathNameA
LoadLibraryExA
GetCurrentProcess
GetHandleInformation
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
GetACP
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
VirtualProtect
GetProfileIntA
GetCPInfo
GetOEMCP
SetErrorMode
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
PulseEvent
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcessId
GetPrivateProfileIntA
WaitForSingleObject
GetVersionExA
GetCurrentThread
lstrcmpA
GetAtomNameA
CopyFileA
FormatMessageA
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
ResumeThread
SuspendThread
GetThreadPriority
SetThreadPriority
MulDiv
GlobalUnlock
GlobalLock
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
SetLocalTime
GetCurrentThreadId
OpenMutexA
CreateMutexA
CreateFileA
WaitCommEvent
SetCommState
SetCommMask
PurgeComm
GetCommState
SetupComm
ClearCommError
ReadFile
WriteFile
Sleep
WaitForMultipleObjects
GetOverlappedResult
GetLastError
TerminateThread
CreateThread
ResetEvent
CreateEventA
CloseHandle
SetEvent
DeleteCriticalSection
WideCharToMultiByte
FindResourceW
SizeofResource
LoadResource
LockResource
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WritePrivateProfileStructA
GetPrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GetLocalTime
MultiByteToWideChar
GlobalFlags
lstrlenA
user32
LoadCursorA
GetLastActivePopup
FindWindowExA
SetParent
GetDesktopWindow
ChildWindowFromPointEx
ChildWindowFromPoint
WindowFromPoint
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowContextHelpId
SetWindowContextHelpId
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
ValidateRgn
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRgn
GetUpdateRect
GetDCEx
SetForegroundWindow
UpdateWindow
DragDetect
GetSystemMenu
DrawMenuBar
HiliteMenuItem
KillTimer
SetTimer
SetCapture
GetActiveWindow
GetOpenClipboardWindow
ChangeClipboardChain
GetClipboardViewer
SetClipboardViewer
GetClipboardOwner
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
CloseWindow
OpenIcon
ShowOwnedPopups
FlashWindow
PostThreadMessageA
SendNotifyMessageA
DrawAnimatedRects
DrawCaption
IsDialogMessageA
SetWindowTextA
ScrollWindowEx
IsWindowEnabled
EnableWindow
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMenuCheckMarkDimensions
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
LoadBitmapW
LoadBitmapA
CheckMenuRadioItem
InvertRect
FrameRect
FillRect
GetSysColorBrush
GetMenuContextHelpId
SetMenuContextHelpId
ScrollDC
ExcludeUpdateRgn
WindowFromDC
GetTabbedTextExtentA
DrawStateA
GrayStringA
DrawTextExA
DrawTextA
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuItemA
SetMenuItemBitmaps
UnpackDDElParam
RemoveMenu
LoadCursorW
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
GetMenuState
GetMenuStringA
LoadMenuIndirectA
LoadMenuW
LoadMenuA
IsMenu
DrawFrameControl
DrawEdge
MapDialogRect
TabbedTextOutA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
RegisterClassA
DefWindowProcA
SendMessageA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
UnregisterClassA
OffsetRect
GetAsyncKeyState
CharUpperA
IsWindow
GetWindowTextA
DrawFocusRect
GetTabbedTextExtentW
DestroyCursor
LoadStringA
GetWindowThreadProcessId
FindWindowA
GetForegroundWindow
AttachThreadInput
PostMessageA
LoadImageA
LoadIconA
SetRectEmpty
ReleaseCapture
GetClassInfoA
CallWindowProcA
SetWindowLongA
GetWindowLongA
GetSystemMetrics
PtInRect
DlgDirListA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirSelectComboBoxExA
ArrangeIconicWindows
NotifyWinEvent
InflateRect
IntersectRect
CreateDialogIndirectParamA
EndDialog
GetCursorPos
GetKeyNameTextA
MapVirtualKeyA
PostQuitMessage
WaitMessage
GetMessageA
CopyRect
SetRect
TranslateMessage
SetCursor
DestroyMenu
SystemParametersInfoA
CopyImage
RealChildWindowFromPoint
ModifyMenuA
GetClipboardFormatNameA
GetDialogBaseUnits
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
InSendMessage
IsClipboardFormatAvailable
EnumChildWindows
CharUpperBuffA
CopyIcon
GetDoubleClickTime
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
LoadImageW
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetIconInfo
DrawIconEx
RegisterClipboardFormatA
UnionRect
MsgWaitForMultipleObjectsEx
MessageBeep
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReuseDDElParam
GetMenuBarInfo
TranslateAcceleratorA
LoadAcceleratorsA
DestroyIcon
LoadAcceleratorsW
DeleteMenu
SubtractRect
gdi32
CreateBitmapIndirect
CreateBrushIndirect
CreateDiscardableBitmap
CreateCompatibleDC
CreateDCA
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectA
CreateFontA
CreateHatchBrush
CreateICA
CreatePalette
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DrawEscape
Ellipse
EnumObjects
EqualRgn
Escape
ExtEscape
ExtCreateRegion
ExtFloodFill
FillRgn
FloodFill
FrameRgn
GetROP2
GetAspectRatioFilterEx
GetBkColor
GetBkMode
GetBitmapBits
GetBitmapDimensionEx
GetBoundsRect
GetBrushOrgEx
GetCharWidthA
GetCharWidthFloatA
GetCharABCWidthsA
GetCharABCWidthsFloatA
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetFontData
GetGlyphOutlineA
GetGraphicsMode
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetOutlineTextMetricsA
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRegionData
GetRgnBox
GetStretchBltMode
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetFontLanguageInfo
GetCharacterPlacementA
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
InvertRgn
MaskBlt
PlgBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PolyPolygon
PtInRegion
PtVisible
RectInRegion
RectVisible
Rectangle
ResetDCA
RealizePalette
RoundRect
ResizePalette
SetBitmapBits
SetBoundsRect
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
CreateBitmap
UpdateColors
PlayEnhMetaFile
GdiComment
GetTextMetricsA
AngleArc
PolyPolyline
GetWorldTransform
GetColorAdjustment
CreateHalftonePalette
StartDocA
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetPath
PathToRegion
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
ExtCreatePen
GetMiterLimit
GetArcDirection
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetBitmapDimensionEx
SetBrushOrgEx
GetTextFaceA
GetKerningPairsA
UnrealizeObject
DeleteDC
ExcludeClipRect
GetClipBox
GetClipRgn
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
StretchDIBits
EnumFontFamiliesExA
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
Chord
CombineRgn
BitBlt
Arc
AnimatePalette
ExtTextOutA
CreateEnhMetaFileA
CloseEnhMetaFile
CreateMetaFileA
CloseMetaFile
SetTextColor
SetBkColor
CreateCompatibleBitmap
GetStockObject
GetObjectA
SelectObject
DeleteObject
SetRectRgn
GetTextExtentPoint32W
GetTextExtentPointA
DeleteMetaFile
SetDIBColorTable
CreateDIBSection
GetDIBits
msimg32
GradientFill
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
ClosePrinter
GetJobA
OpenPrinterA
advapi32
RegDeleteKeyA
RegSetValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExW
RegEnumValueA
RegEnumKeyExA
SetFileSecurityA
GetFileSecurityA
RegCloseKey
shell32
SHGetMalloc
DragAcceptFiles
SHGetFileInfoA
SHAddToRecentDocs
ExtractIconA
DragQueryFileA
DragFinish
ShellExecuteExA
SHAppBarMessage
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
comctl32
_TrackMouseEvent
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
ole32
OleGetClipboard
DoDragDrop
CreateItemMoniker
CreateFileMoniker
GetClassFile
StgIsStorageILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
WriteClassStm
OleUninitialize
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
CreateBindCtx
ReadClassStg
WriteClassStg
WriteFmtUserTypeStg
ReadFmtUserTypeStg
OleDuplicateData
ReleaseStgMedium
OleRegGetUserType
SetConvertStg
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoInitializeEx
StringFromGUID2
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoRegisterClassObject
CoRevokeClassObject
PropVariantCopy
CoFreeUnusedLibraries
OleInitialize
CreateOleAdviseHolder
CreateDataAdviseHolder
GetRunningObjectTable
OleRegEnumVerbs
OleRegGetMiscStatus
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleSetClipboard
CreateStreamOnHGlobal
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleSetMenuDescriptor
OleQueryCreateFromData
OleQueryLinkFromData
OleLoad
StgIsStorageFile
StgOpenStorage
StgCreateDocfile
CoGetMalloc
GetHGlobalFromILockBytes
OleGetIconOfClass
OleLockRunning
OleIsRunning
OleSetContainedObject
OleSaveToStream
OleSave
OleCreateFromFile
OleCreateLinkToFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
CreateGenericComposite
OleCreate
oleaut32
SafeArrayGetElemsize
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysFreeString
VariantClear
VariantInit
SafeArrayLock
SysAllocStringLen
oledlg
ord9
ord7
ord6
ord5
ord4
ord8
ord3
ws2_32
inet_addr
inet_ntoa
htons
ntohs
recv
recvfrom
select
send
htonl
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
listen
WSAAsyncSelect
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
gethostbyname
socket
shutdown
setsockopt
sendto
winmm
timeGetTime
PlaySoundA
timeEndPeriod
timeSetEvent
timeKillEvent
timeGetDevCaps
timeBeginPeriod
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
Sections
.text Size: 6.5MB - Virtual size: 6.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 829KB - Virtual size: 828KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 188KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 329KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 113KB - Virtual size: 116KB (non-standard section name; the flags listed below mark it as both writable and executable, unlike the other code section .text)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE