ScreenShot
| Created | 2023.08.31 11:20 | Machine | s1_win7_x6401 |
| Filename | msedge.exe | ||
| Type | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 2 detected (AIDetectMalware) | ||
| md5 | 19d6340743164342171504547933597f | ||
| sha256 | 8317da7d78f1ab5e517e5914fbdbbe20e079f71184279518dec1916271fcaea6 | ||
| ssdeep | 49152:27lgxQOjdfrB1VWuuJIwBXUVjDmXsScw2WEfykvNdM0a4J3C4ffysofoEIE1xL5C:2qfG+DPS1SQ0VEL7fTbdEwamHh | ||
| imphash | 245cf6cf55edeaf020a25dffa3807654 | ||
| impfuzzy | 96:cFnYJeCxMCyjpmoxHF42xQHPXiX1PgA7TJGQ666myqTVRR4pZH+mXRa4e:cFnYgCryjpsHPSFoVQ6NmTVnKH+mXRaV | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| watch | Detects the presence of Wine emulator |
| notice | File has been identified by 2 AntiVirus engines on VirusTotal as malicious |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
GDI32.dll
0x1414c7834 ChoosePixelFormat
0x1414c783c CreateBitmap
0x1414c7844 CreateDCW
0x1414c784c CreateDIBSection
0x1414c7854 DeleteDC
0x1414c785c DeleteObject
0x1414c7864 DescribePixelFormat
0x1414c786c GetDeviceCaps
0x1414c7874 GetDeviceGammaRamp
0x1414c787c SetDeviceGammaRamp
0x1414c7884 SetPixelFormat
0x1414c788c SwapBuffers
KERNEL32.dll
0x1414c789c AddAtomA
0x1414c78a4 AddVectoredExceptionHandler
0x1414c78ac CloseHandle
0x1414c78b4 CreateEventA
0x1414c78bc CreateFileA
0x1414c78c4 CreateIoCompletionPort
0x1414c78cc CreateMutexA
0x1414c78d4 CreateSemaphoreA
0x1414c78dc CreateThread
0x1414c78e4 CreateWaitableTimerA
0x1414c78ec CreateWaitableTimerExW
0x1414c78f4 DeleteAtom
0x1414c78fc DeleteCriticalSection
0x1414c7904 DuplicateHandle
0x1414c790c EnterCriticalSection
0x1414c7914 ExitProcess
0x1414c791c FindAtomA
0x1414c7924 FormatMessageA
0x1414c792c FreeEnvironmentStringsW
0x1414c7934 FreeLibrary
0x1414c793c GetAtomNameA
0x1414c7944 GetConsoleMode
0x1414c794c GetCurrentProcess
0x1414c7954 GetCurrentProcessId
0x1414c795c GetCurrentThread
0x1414c7964 GetCurrentThreadId
0x1414c796c GetEnvironmentStringsW
0x1414c7974 GetHandleInformation
0x1414c797c GetLastError
0x1414c7984 GetModuleHandleW
0x1414c798c GetProcAddress
0x1414c7994 GetProcessAffinityMask
0x1414c799c GetQueuedCompletionStatusEx
0x1414c79a4 GetStartupInfoA
0x1414c79ac GetStdHandle
0x1414c79b4 GetSystemDirectoryA
0x1414c79bc GetSystemInfo
0x1414c79c4 GetSystemTimeAsFileTime
0x1414c79cc GetThreadContext
0x1414c79d4 GetThreadPriority
0x1414c79dc GetTickCount
0x1414c79e4 GlobalAlloc
0x1414c79ec GlobalFree
0x1414c79f4 GlobalLock
0x1414c79fc GlobalUnlock
0x1414c7a04 InitializeCriticalSection
0x1414c7a0c IsDBCSLeadByteEx
0x1414c7a14 IsDebuggerPresent
0x1414c7a1c LeaveCriticalSection
0x1414c7a24 LoadLibraryA
0x1414c7a2c LoadLibraryW
0x1414c7a34 LocalFree
0x1414c7a3c MultiByteToWideChar
0x1414c7a44 OpenProcess
0x1414c7a4c OutputDebugStringA
0x1414c7a54 PostQueuedCompletionStatus
0x1414c7a5c QueryPerformanceCounter
0x1414c7a64 QueryPerformanceFrequency
0x1414c7a6c RaiseException
0x1414c7a74 ReleaseMutex
0x1414c7a7c ReleaseSemaphore
0x1414c7a84 RemoveVectoredExceptionHandler
0x1414c7a8c ResetEvent
0x1414c7a94 ResumeThread
0x1414c7a9c SetConsoleCtrlHandler
0x1414c7aa4 SetErrorMode
0x1414c7aac SetEvent
0x1414c7ab4 SetLastError
0x1414c7abc SetProcessAffinityMask
0x1414c7ac4 SetProcessPriorityBoost
0x1414c7acc SetThreadContext
0x1414c7ad4 SetThreadPriority
0x1414c7adc SetUnhandledExceptionFilter
0x1414c7ae4 SetWaitableTimer
0x1414c7aec Sleep
0x1414c7af4 SuspendThread
0x1414c7afc SwitchToThread
0x1414c7b04 TlsAlloc
0x1414c7b0c TlsFree
0x1414c7b14 TlsGetValue
0x1414c7b1c TlsSetValue
0x1414c7b24 TryEnterCriticalSection
0x1414c7b2c VirtualAlloc
0x1414c7b34 VirtualFree
0x1414c7b3c VirtualProtect
0x1414c7b44 VirtualQuery
0x1414c7b4c WaitForMultipleObjects
0x1414c7b54 WaitForSingleObject
0x1414c7b5c WideCharToMultiByte
0x1414c7b64 WriteConsoleW
0x1414c7b6c WriteFile
0x1414c7b74 __C_specific_handler
msvcrt.dll
0x1414c7b84 ___lc_codepage_func
0x1414c7b8c ___mb_cur_max_func
0x1414c7b94 __getmainargs
0x1414c7b9c __initenv
0x1414c7ba4 __iob_func
0x1414c7bac __lconv_init
0x1414c7bb4 __set_app_type
0x1414c7bbc __setusermatherr
0x1414c7bc4 _acmdln
0x1414c7bcc _amsg_exit
0x1414c7bd4 _beginthread
0x1414c7bdc _beginthreadex
0x1414c7be4 _cexit
0x1414c7bec _commode
0x1414c7bf4 _endthreadex
0x1414c7bfc _errno
0x1414c7c04 _fmode
0x1414c7c0c _initterm
0x1414c7c14 _lock
0x1414c7c1c _memccpy
0x1414c7c24 _onexit
0x1414c7c2c _setjmp
0x1414c7c34 _strdup
0x1414c7c3c _ultoa
0x1414c7c44 _unlock
0x1414c7c4c _wassert
0x1414c7c54 abort
0x1414c7c5c calloc
0x1414c7c64 exit
0x1414c7c6c fprintf
0x1414c7c74 fputc
0x1414c7c7c free
0x1414c7c84 fwrite
0x1414c7c8c getc
0x1414c7c94 islower
0x1414c7c9c isspace
0x1414c7ca4 isupper
0x1414c7cac isxdigit
0x1414c7cb4 localeconv
0x1414c7cbc longjmp
0x1414c7cc4 malloc
0x1414c7ccc memcpy
0x1414c7cd4 memmove
0x1414c7cdc memset
0x1414c7ce4 printf
0x1414c7cec qsort
0x1414c7cf4 realloc
0x1414c7cfc signal
0x1414c7d04 strcmp
0x1414c7d0c strerror
0x1414c7d14 strlen
0x1414c7d1c strncmp
0x1414c7d24 strstr
0x1414c7d2c strtol
0x1414c7d34 strtoul
0x1414c7d3c tolower
0x1414c7d44 ungetc
0x1414c7d4c vfprintf
0x1414c7d54 wcscmp
0x1414c7d5c wcscpy
0x1414c7d64 wcslen
OPENGL32.dll
0x1414c7d74 wglGetProcAddress
SHELL32.dll
0x1414c7d84 DragAcceptFiles
0x1414c7d8c DragFinish
0x1414c7d94 DragQueryFileW
0x1414c7d9c DragQueryPoint
USER32.dll
0x1414c7dac AdjustWindowRectEx
0x1414c7db4 BringWindowToTop
0x1414c7dbc ChangeDisplaySettingsExW
0x1414c7dc4 ClientToScreen
0x1414c7dcc ClipCursor
0x1414c7dd4 CloseClipboard
0x1414c7ddc CopyIcon
0x1414c7de4 CreateIconIndirect
0x1414c7dec CreateWindowExW
0x1414c7df4 DefWindowProcW
0x1414c7dfc DestroyIcon
0x1414c7e04 DestroyWindow
0x1414c7e0c DispatchMessageW
0x1414c7e14 EmptyClipboard
0x1414c7e1c EnumDisplayDevicesW
0x1414c7e24 EnumDisplaySettingsExW
0x1414c7e2c EnumDisplaySettingsW
0x1414c7e34 GetActiveWindow
0x1414c7e3c GetAsyncKeyState
0x1414c7e44 GetClassLongPtrW
0x1414c7e4c GetClientRect
0x1414c7e54 GetClipboardData
0x1414c7e5c GetCursorPos
0x1414c7e64 GetDC
0x1414c7e6c GetKeyNameTextW
0x1414c7e74 GetKeyState
0x1414c7e7c GetMessageTime
0x1414c7e84 GetPropW
0x1414c7e8c GetRawInputDeviceInfoA
0x1414c7e94 GetRawInputDeviceList
0x1414c7e9c GetSystemMetrics
0x1414c7ea4 GetWindowLongW
0x1414c7eac GetWindowRect
0x1414c7eb4 IsIconic
0x1414c7ebc IsWindowVisible
0x1414c7ec4 IsZoomed
0x1414c7ecc LoadCursorW
0x1414c7ed4 LoadImageW
0x1414c7edc MoveWindow
0x1414c7ee4 MsgWaitForMultipleObjects
0x1414c7eec OpenClipboard
0x1414c7ef4 PeekMessageW
0x1414c7efc PostMessageW
0x1414c7f04 PtInRect
0x1414c7f0c RegisterClassExW
0x1414c7f14 RegisterDeviceNotificationW
0x1414c7f1c ReleaseCapture
0x1414c7f24 ReleaseDC
0x1414c7f2c RemovePropW
0x1414c7f34 ScreenToClient
0x1414c7f3c SendMessageW
0x1414c7f44 SetCapture
0x1414c7f4c SetClipboardData
0x1414c7f54 SetCursor
0x1414c7f5c SetCursorPos
0x1414c7f64 SetFocus
0x1414c7f6c SetForegroundWindow
0x1414c7f74 SetPropW
0x1414c7f7c SetRect
0x1414c7f84 SetWindowLongW
0x1414c7f8c SetWindowPos
0x1414c7f94 SetWindowTextW
0x1414c7f9c ShowWindow
0x1414c7fa4 SystemParametersInfoW
0x1414c7fac TrackMouseEvent
0x1414c7fb4 TranslateMessage
0x1414c7fbc UnregisterClassW
0x1414c7fc4 WaitMessage
0x1414c7fcc WindowFromPoint
EAT(Export Address Table) Library
0x1414c4e00 _cgo_dummy_export
0x1403a9b90 glowDebugCallback_glcore33
0x1403b64b0 goCharCB
0x1403b6500 goCharModsCB
0x1403b6380 goCursorEnterCB
0x1403b6310 goCursorPosCB
0x1403b6560 goDropCB
0x1403b6200 goErrorCB
0x1403b66e0 goFramebufferSizeCB
0x1403b6260 goJoystickCB
0x1403b6440 goKeyCB
0x1403b65d0 goMonitorCB
0x1403b62b0 goMouseButtonCB
0x1403b63d0 goScrollCB
0x1403b6740 goWindowCloseCB
0x1403b67e0 goWindowFocusCB
0x1403b6830 goWindowIconifyCB
0x1403b6620 goWindowPosCB
0x1403b6790 goWindowRefreshCB
0x1403b6680 goWindowSizeCB
GDI32.dll
0x1414c7834 ChoosePixelFormat
0x1414c783c CreateBitmap
0x1414c7844 CreateDCW
0x1414c784c CreateDIBSection
0x1414c7854 DeleteDC
0x1414c785c DeleteObject
0x1414c7864 DescribePixelFormat
0x1414c786c GetDeviceCaps
0x1414c7874 GetDeviceGammaRamp
0x1414c787c SetDeviceGammaRamp
0x1414c7884 SetPixelFormat
0x1414c788c SwapBuffers
KERNEL32.dll
0x1414c789c AddAtomA
0x1414c78a4 AddVectoredExceptionHandler
0x1414c78ac CloseHandle
0x1414c78b4 CreateEventA
0x1414c78bc CreateFileA
0x1414c78c4 CreateIoCompletionPort
0x1414c78cc CreateMutexA
0x1414c78d4 CreateSemaphoreA
0x1414c78dc CreateThread
0x1414c78e4 CreateWaitableTimerA
0x1414c78ec CreateWaitableTimerExW
0x1414c78f4 DeleteAtom
0x1414c78fc DeleteCriticalSection
0x1414c7904 DuplicateHandle
0x1414c790c EnterCriticalSection
0x1414c7914 ExitProcess
0x1414c791c FindAtomA
0x1414c7924 FormatMessageA
0x1414c792c FreeEnvironmentStringsW
0x1414c7934 FreeLibrary
0x1414c793c GetAtomNameA
0x1414c7944 GetConsoleMode
0x1414c794c GetCurrentProcess
0x1414c7954 GetCurrentProcessId
0x1414c795c GetCurrentThread
0x1414c7964 GetCurrentThreadId
0x1414c796c GetEnvironmentStringsW
0x1414c7974 GetHandleInformation
0x1414c797c GetLastError
0x1414c7984 GetModuleHandleW
0x1414c798c GetProcAddress
0x1414c7994 GetProcessAffinityMask
0x1414c799c GetQueuedCompletionStatusEx
0x1414c79a4 GetStartupInfoA
0x1414c79ac GetStdHandle
0x1414c79b4 GetSystemDirectoryA
0x1414c79bc GetSystemInfo
0x1414c79c4 GetSystemTimeAsFileTime
0x1414c79cc GetThreadContext
0x1414c79d4 GetThreadPriority
0x1414c79dc GetTickCount
0x1414c79e4 GlobalAlloc
0x1414c79ec GlobalFree
0x1414c79f4 GlobalLock
0x1414c79fc GlobalUnlock
0x1414c7a04 InitializeCriticalSection
0x1414c7a0c IsDBCSLeadByteEx
0x1414c7a14 IsDebuggerPresent
0x1414c7a1c LeaveCriticalSection
0x1414c7a24 LoadLibraryA
0x1414c7a2c LoadLibraryW
0x1414c7a34 LocalFree
0x1414c7a3c MultiByteToWideChar
0x1414c7a44 OpenProcess
0x1414c7a4c OutputDebugStringA
0x1414c7a54 PostQueuedCompletionStatus
0x1414c7a5c QueryPerformanceCounter
0x1414c7a64 QueryPerformanceFrequency
0x1414c7a6c RaiseException
0x1414c7a74 ReleaseMutex
0x1414c7a7c ReleaseSemaphore
0x1414c7a84 RemoveVectoredExceptionHandler
0x1414c7a8c ResetEvent
0x1414c7a94 ResumeThread
0x1414c7a9c SetConsoleCtrlHandler
0x1414c7aa4 SetErrorMode
0x1414c7aac SetEvent
0x1414c7ab4 SetLastError
0x1414c7abc SetProcessAffinityMask
0x1414c7ac4 SetProcessPriorityBoost
0x1414c7acc SetThreadContext
0x1414c7ad4 SetThreadPriority
0x1414c7adc SetUnhandledExceptionFilter
0x1414c7ae4 SetWaitableTimer
0x1414c7aec Sleep
0x1414c7af4 SuspendThread
0x1414c7afc SwitchToThread
0x1414c7b04 TlsAlloc
0x1414c7b0c TlsFree
0x1414c7b14 TlsGetValue
0x1414c7b1c TlsSetValue
0x1414c7b24 TryEnterCriticalSection
0x1414c7b2c VirtualAlloc
0x1414c7b34 VirtualFree
0x1414c7b3c VirtualProtect
0x1414c7b44 VirtualQuery
0x1414c7b4c WaitForMultipleObjects
0x1414c7b54 WaitForSingleObject
0x1414c7b5c WideCharToMultiByte
0x1414c7b64 WriteConsoleW
0x1414c7b6c WriteFile
0x1414c7b74 __C_specific_handler
msvcrt.dll
0x1414c7b84 ___lc_codepage_func
0x1414c7b8c ___mb_cur_max_func
0x1414c7b94 __getmainargs
0x1414c7b9c __initenv
0x1414c7ba4 __iob_func
0x1414c7bac __lconv_init
0x1414c7bb4 __set_app_type
0x1414c7bbc __setusermatherr
0x1414c7bc4 _acmdln
0x1414c7bcc _amsg_exit
0x1414c7bd4 _beginthread
0x1414c7bdc _beginthreadex
0x1414c7be4 _cexit
0x1414c7bec _commode
0x1414c7bf4 _endthreadex
0x1414c7bfc _errno
0x1414c7c04 _fmode
0x1414c7c0c _initterm
0x1414c7c14 _lock
0x1414c7c1c _memccpy
0x1414c7c24 _onexit
0x1414c7c2c _setjmp
0x1414c7c34 _strdup
0x1414c7c3c _ultoa
0x1414c7c44 _unlock
0x1414c7c4c _wassert
0x1414c7c54 abort
0x1414c7c5c calloc
0x1414c7c64 exit
0x1414c7c6c fprintf
0x1414c7c74 fputc
0x1414c7c7c free
0x1414c7c84 fwrite
0x1414c7c8c getc
0x1414c7c94 islower
0x1414c7c9c isspace
0x1414c7ca4 isupper
0x1414c7cac isxdigit
0x1414c7cb4 localeconv
0x1414c7cbc longjmp
0x1414c7cc4 malloc
0x1414c7ccc memcpy
0x1414c7cd4 memmove
0x1414c7cdc memset
0x1414c7ce4 printf
0x1414c7cec qsort
0x1414c7cf4 realloc
0x1414c7cfc signal
0x1414c7d04 strcmp
0x1414c7d0c strerror
0x1414c7d14 strlen
0x1414c7d1c strncmp
0x1414c7d24 strstr
0x1414c7d2c strtol
0x1414c7d34 strtoul
0x1414c7d3c tolower
0x1414c7d44 ungetc
0x1414c7d4c vfprintf
0x1414c7d54 wcscmp
0x1414c7d5c wcscpy
0x1414c7d64 wcslen
OPENGL32.dll
0x1414c7d74 wglGetProcAddress
SHELL32.dll
0x1414c7d84 DragAcceptFiles
0x1414c7d8c DragFinish
0x1414c7d94 DragQueryFileW
0x1414c7d9c DragQueryPoint
USER32.dll
0x1414c7dac AdjustWindowRectEx
0x1414c7db4 BringWindowToTop
0x1414c7dbc ChangeDisplaySettingsExW
0x1414c7dc4 ClientToScreen
0x1414c7dcc ClipCursor
0x1414c7dd4 CloseClipboard
0x1414c7ddc CopyIcon
0x1414c7de4 CreateIconIndirect
0x1414c7dec CreateWindowExW
0x1414c7df4 DefWindowProcW
0x1414c7dfc DestroyIcon
0x1414c7e04 DestroyWindow
0x1414c7e0c DispatchMessageW
0x1414c7e14 EmptyClipboard
0x1414c7e1c EnumDisplayDevicesW
0x1414c7e24 EnumDisplaySettingsExW
0x1414c7e2c EnumDisplaySettingsW
0x1414c7e34 GetActiveWindow
0x1414c7e3c GetAsyncKeyState
0x1414c7e44 GetClassLongPtrW
0x1414c7e4c GetClientRect
0x1414c7e54 GetClipboardData
0x1414c7e5c GetCursorPos
0x1414c7e64 GetDC
0x1414c7e6c GetKeyNameTextW
0x1414c7e74 GetKeyState
0x1414c7e7c GetMessageTime
0x1414c7e84 GetPropW
0x1414c7e8c GetRawInputDeviceInfoA
0x1414c7e94 GetRawInputDeviceList
0x1414c7e9c GetSystemMetrics
0x1414c7ea4 GetWindowLongW
0x1414c7eac GetWindowRect
0x1414c7eb4 IsIconic
0x1414c7ebc IsWindowVisible
0x1414c7ec4 IsZoomed
0x1414c7ecc LoadCursorW
0x1414c7ed4 LoadImageW
0x1414c7edc MoveWindow
0x1414c7ee4 MsgWaitForMultipleObjects
0x1414c7eec OpenClipboard
0x1414c7ef4 PeekMessageW
0x1414c7efc PostMessageW
0x1414c7f04 PtInRect
0x1414c7f0c RegisterClassExW
0x1414c7f14 RegisterDeviceNotificationW
0x1414c7f1c ReleaseCapture
0x1414c7f24 ReleaseDC
0x1414c7f2c RemovePropW
0x1414c7f34 ScreenToClient
0x1414c7f3c SendMessageW
0x1414c7f44 SetCapture
0x1414c7f4c SetClipboardData
0x1414c7f54 SetCursor
0x1414c7f5c SetCursorPos
0x1414c7f64 SetFocus
0x1414c7f6c SetForegroundWindow
0x1414c7f74 SetPropW
0x1414c7f7c SetRect
0x1414c7f84 SetWindowLongW
0x1414c7f8c SetWindowPos
0x1414c7f94 SetWindowTextW
0x1414c7f9c ShowWindow
0x1414c7fa4 SystemParametersInfoW
0x1414c7fac TrackMouseEvent
0x1414c7fb4 TranslateMessage
0x1414c7fbc UnregisterClassW
0x1414c7fc4 WaitMessage
0x1414c7fcc WindowFromPoint
EAT(Export Address Table) Library
0x1414c4e00 _cgo_dummy_export
0x1403a9b90 glowDebugCallback_glcore33
0x1403b64b0 goCharCB
0x1403b6500 goCharModsCB
0x1403b6380 goCursorEnterCB
0x1403b6310 goCursorPosCB
0x1403b6560 goDropCB
0x1403b6200 goErrorCB
0x1403b66e0 goFramebufferSizeCB
0x1403b6260 goJoystickCB
0x1403b6440 goKeyCB
0x1403b65d0 goMonitorCB
0x1403b62b0 goMouseButtonCB
0x1403b63d0 goScrollCB
0x1403b6740 goWindowCloseCB
0x1403b67e0 goWindowFocusCB
0x1403b6830 goWindowIconifyCB
0x1403b6620 goWindowPosCB
0x1403b6790 goWindowRefreshCB
0x1403b6680 goWindowSizeCB