ScreenShot
| Created | 2023.09.06 07:45 | Machine | s1_win7_x6403 |
| Filename | file.exe | ||
| Type | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 25 detected (AIDetectMalware, GenericKD, Artemis, Attribute, HighConfidence, ToxicEye, FileRepMalware, Misc, ai score=81, Sabsik, Synder, unsafe, Chgt, MALICIOUS) | ||
| md5 | 16b14dbba5d98857cc8b06fd9319d68a | ||
| sha256 | 62bac3ccbd3c0d80dab4df9fd15582bfbda9a41e87bde20b525db8cf8e1c8258 | ||
| ssdeep | 98304:RckXp83qiIhfZCNn+UB8KyGq770sfE2VR3Ai:RjMHh7lq770s8AD | ||
| imphash | 245cf6cf55edeaf020a25dffa3807654 | ||
| impfuzzy | 96:cFnYJeCxMCyjpmoxHF42xQHPXiX1PgA7TJGQ666myqTVRR4pZH+mXRa4e:cFnYgCryjpsHPSFoVQ6NmTVnKH+mXRaV | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 25 AntiVirus engines on VirusTotal as malicious |
| info | One or more processes crashed |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
GDI32.dll
0x140b0b834 ChoosePixelFormat
0x140b0b83c CreateBitmap
0x140b0b844 CreateDCW
0x140b0b84c CreateDIBSection
0x140b0b854 DeleteDC
0x140b0b85c DeleteObject
0x140b0b864 DescribePixelFormat
0x140b0b86c GetDeviceCaps
0x140b0b874 GetDeviceGammaRamp
0x140b0b87c SetDeviceGammaRamp
0x140b0b884 SetPixelFormat
0x140b0b88c SwapBuffers
KERNEL32.dll
0x140b0b89c AddAtomA
0x140b0b8a4 AddVectoredExceptionHandler
0x140b0b8ac CloseHandle
0x140b0b8b4 CreateEventA
0x140b0b8bc CreateFileA
0x140b0b8c4 CreateIoCompletionPort
0x140b0b8cc CreateMutexA
0x140b0b8d4 CreateSemaphoreA
0x140b0b8dc CreateThread
0x140b0b8e4 CreateWaitableTimerA
0x140b0b8ec CreateWaitableTimerExW
0x140b0b8f4 DeleteAtom
0x140b0b8fc DeleteCriticalSection
0x140b0b904 DuplicateHandle
0x140b0b90c EnterCriticalSection
0x140b0b914 ExitProcess
0x140b0b91c FindAtomA
0x140b0b924 FormatMessageA
0x140b0b92c FreeEnvironmentStringsW
0x140b0b934 FreeLibrary
0x140b0b93c GetAtomNameA
0x140b0b944 GetConsoleMode
0x140b0b94c GetCurrentProcess
0x140b0b954 GetCurrentProcessId
0x140b0b95c GetCurrentThread
0x140b0b964 GetCurrentThreadId
0x140b0b96c GetEnvironmentStringsW
0x140b0b974 GetHandleInformation
0x140b0b97c GetLastError
0x140b0b984 GetModuleHandleW
0x140b0b98c GetProcAddress
0x140b0b994 GetProcessAffinityMask
0x140b0b99c GetQueuedCompletionStatusEx
0x140b0b9a4 GetStartupInfoA
0x140b0b9ac GetStdHandle
0x140b0b9b4 GetSystemDirectoryA
0x140b0b9bc GetSystemInfo
0x140b0b9c4 GetSystemTimeAsFileTime
0x140b0b9cc GetThreadContext
0x140b0b9d4 GetThreadPriority
0x140b0b9dc GetTickCount
0x140b0b9e4 GlobalAlloc
0x140b0b9ec GlobalFree
0x140b0b9f4 GlobalLock
0x140b0b9fc GlobalUnlock
0x140b0ba04 InitializeCriticalSection
0x140b0ba0c IsDBCSLeadByteEx
0x140b0ba14 IsDebuggerPresent
0x140b0ba1c LeaveCriticalSection
0x140b0ba24 LoadLibraryA
0x140b0ba2c LoadLibraryW
0x140b0ba34 LocalFree
0x140b0ba3c MultiByteToWideChar
0x140b0ba44 OpenProcess
0x140b0ba4c OutputDebugStringA
0x140b0ba54 PostQueuedCompletionStatus
0x140b0ba5c QueryPerformanceCounter
0x140b0ba64 QueryPerformanceFrequency
0x140b0ba6c RaiseException
0x140b0ba74 ReleaseMutex
0x140b0ba7c ReleaseSemaphore
0x140b0ba84 RemoveVectoredExceptionHandler
0x140b0ba8c ResetEvent
0x140b0ba94 ResumeThread
0x140b0ba9c SetConsoleCtrlHandler
0x140b0baa4 SetErrorMode
0x140b0baac SetEvent
0x140b0bab4 SetLastError
0x140b0babc SetProcessAffinityMask
0x140b0bac4 SetProcessPriorityBoost
0x140b0bacc SetThreadContext
0x140b0bad4 SetThreadPriority
0x140b0badc SetUnhandledExceptionFilter
0x140b0bae4 SetWaitableTimer
0x140b0baec Sleep
0x140b0baf4 SuspendThread
0x140b0bafc SwitchToThread
0x140b0bb04 TlsAlloc
0x140b0bb0c TlsFree
0x140b0bb14 TlsGetValue
0x140b0bb1c TlsSetValue
0x140b0bb24 TryEnterCriticalSection
0x140b0bb2c VirtualAlloc
0x140b0bb34 VirtualFree
0x140b0bb3c VirtualProtect
0x140b0bb44 VirtualQuery
0x140b0bb4c WaitForMultipleObjects
0x140b0bb54 WaitForSingleObject
0x140b0bb5c WideCharToMultiByte
0x140b0bb64 WriteConsoleW
0x140b0bb6c WriteFile
0x140b0bb74 __C_specific_handler
msvcrt.dll
0x140b0bb84 ___lc_codepage_func
0x140b0bb8c ___mb_cur_max_func
0x140b0bb94 __getmainargs
0x140b0bb9c __initenv
0x140b0bba4 __iob_func
0x140b0bbac __lconv_init
0x140b0bbb4 __set_app_type
0x140b0bbbc __setusermatherr
0x140b0bbc4 _acmdln
0x140b0bbcc _amsg_exit
0x140b0bbd4 _beginthread
0x140b0bbdc _beginthreadex
0x140b0bbe4 _cexit
0x140b0bbec _commode
0x140b0bbf4 _endthreadex
0x140b0bbfc _errno
0x140b0bc04 _fmode
0x140b0bc0c _initterm
0x140b0bc14 _lock
0x140b0bc1c _memccpy
0x140b0bc24 _onexit
0x140b0bc2c _setjmp
0x140b0bc34 _strdup
0x140b0bc3c _ultoa
0x140b0bc44 _unlock
0x140b0bc4c _wassert
0x140b0bc54 abort
0x140b0bc5c calloc
0x140b0bc64 exit
0x140b0bc6c fprintf
0x140b0bc74 fputc
0x140b0bc7c free
0x140b0bc84 fwrite
0x140b0bc8c getc
0x140b0bc94 islower
0x140b0bc9c isspace
0x140b0bca4 isupper
0x140b0bcac isxdigit
0x140b0bcb4 localeconv
0x140b0bcbc longjmp
0x140b0bcc4 malloc
0x140b0bccc memcpy
0x140b0bcd4 memmove
0x140b0bcdc memset
0x140b0bce4 printf
0x140b0bcec qsort
0x140b0bcf4 realloc
0x140b0bcfc signal
0x140b0bd04 strcmp
0x140b0bd0c strerror
0x140b0bd14 strlen
0x140b0bd1c strncmp
0x140b0bd24 strstr
0x140b0bd2c strtol
0x140b0bd34 strtoul
0x140b0bd3c tolower
0x140b0bd44 ungetc
0x140b0bd4c vfprintf
0x140b0bd54 wcscmp
0x140b0bd5c wcscpy
0x140b0bd64 wcslen
OPENGL32.dll
0x140b0bd74 wglGetProcAddress
SHELL32.dll
0x140b0bd84 DragAcceptFiles
0x140b0bd8c DragFinish
0x140b0bd94 DragQueryFileW
0x140b0bd9c DragQueryPoint
USER32.dll
0x140b0bdac AdjustWindowRectEx
0x140b0bdb4 BringWindowToTop
0x140b0bdbc ChangeDisplaySettingsExW
0x140b0bdc4 ClientToScreen
0x140b0bdcc ClipCursor
0x140b0bdd4 CloseClipboard
0x140b0bddc CopyIcon
0x140b0bde4 CreateIconIndirect
0x140b0bdec CreateWindowExW
0x140b0bdf4 DefWindowProcW
0x140b0bdfc DestroyIcon
0x140b0be04 DestroyWindow
0x140b0be0c DispatchMessageW
0x140b0be14 EmptyClipboard
0x140b0be1c EnumDisplayDevicesW
0x140b0be24 EnumDisplaySettingsExW
0x140b0be2c EnumDisplaySettingsW
0x140b0be34 GetActiveWindow
0x140b0be3c GetAsyncKeyState
0x140b0be44 GetClassLongPtrW
0x140b0be4c GetClientRect
0x140b0be54 GetClipboardData
0x140b0be5c GetCursorPos
0x140b0be64 GetDC
0x140b0be6c GetKeyNameTextW
0x140b0be74 GetKeyState
0x140b0be7c GetMessageTime
0x140b0be84 GetPropW
0x140b0be8c GetRawInputDeviceInfoA
0x140b0be94 GetRawInputDeviceList
0x140b0be9c GetSystemMetrics
0x140b0bea4 GetWindowLongW
0x140b0beac GetWindowRect
0x140b0beb4 IsIconic
0x140b0bebc IsWindowVisible
0x140b0bec4 IsZoomed
0x140b0becc LoadCursorW
0x140b0bed4 LoadImageW
0x140b0bedc MoveWindow
0x140b0bee4 MsgWaitForMultipleObjects
0x140b0beec OpenClipboard
0x140b0bef4 PeekMessageW
0x140b0befc PostMessageW
0x140b0bf04 PtInRect
0x140b0bf0c RegisterClassExW
0x140b0bf14 RegisterDeviceNotificationW
0x140b0bf1c ReleaseCapture
0x140b0bf24 ReleaseDC
0x140b0bf2c RemovePropW
0x140b0bf34 ScreenToClient
0x140b0bf3c SendMessageW
0x140b0bf44 SetCapture
0x140b0bf4c SetClipboardData
0x140b0bf54 SetCursor
0x140b0bf5c SetCursorPos
0x140b0bf64 SetFocus
0x140b0bf6c SetForegroundWindow
0x140b0bf74 SetPropW
0x140b0bf7c SetRect
0x140b0bf84 SetWindowLongW
0x140b0bf8c SetWindowPos
0x140b0bf94 SetWindowTextW
0x140b0bf9c ShowWindow
0x140b0bfa4 SystemParametersInfoW
0x140b0bfac TrackMouseEvent
0x140b0bfb4 TranslateMessage
0x140b0bfbc UnregisterClassW
0x140b0bfc4 WaitMessage
0x140b0bfcc WindowFromPoint
EAT(Export Address Table) Library
0x140b08f00 _cgo_dummy_export
0x140538d30 glowDebugCallback_glcore33
0x140545650 goCharCB
0x1405456a0 goCharModsCB
0x140545520 goCursorEnterCB
0x1405454b0 goCursorPosCB
0x140545700 goDropCB
0x1405453a0 goErrorCB
0x140545880 goFramebufferSizeCB
0x140545400 goJoystickCB
0x1405455e0 goKeyCB
0x140545770 goMonitorCB
0x140545450 goMouseButtonCB
0x140545570 goScrollCB
0x1405458e0 goWindowCloseCB
0x140545980 goWindowFocusCB
0x1405459d0 goWindowIconifyCB
0x1405457c0 goWindowPosCB
0x140545930 goWindowRefreshCB
0x140545820 goWindowSizeCB
GDI32.dll
0x140b0b834 ChoosePixelFormat
0x140b0b83c CreateBitmap
0x140b0b844 CreateDCW
0x140b0b84c CreateDIBSection
0x140b0b854 DeleteDC
0x140b0b85c DeleteObject
0x140b0b864 DescribePixelFormat
0x140b0b86c GetDeviceCaps
0x140b0b874 GetDeviceGammaRamp
0x140b0b87c SetDeviceGammaRamp
0x140b0b884 SetPixelFormat
0x140b0b88c SwapBuffers
KERNEL32.dll
0x140b0b89c AddAtomA
0x140b0b8a4 AddVectoredExceptionHandler
0x140b0b8ac CloseHandle
0x140b0b8b4 CreateEventA
0x140b0b8bc CreateFileA
0x140b0b8c4 CreateIoCompletionPort
0x140b0b8cc CreateMutexA
0x140b0b8d4 CreateSemaphoreA
0x140b0b8dc CreateThread
0x140b0b8e4 CreateWaitableTimerA
0x140b0b8ec CreateWaitableTimerExW
0x140b0b8f4 DeleteAtom
0x140b0b8fc DeleteCriticalSection
0x140b0b904 DuplicateHandle
0x140b0b90c EnterCriticalSection
0x140b0b914 ExitProcess
0x140b0b91c FindAtomA
0x140b0b924 FormatMessageA
0x140b0b92c FreeEnvironmentStringsW
0x140b0b934 FreeLibrary
0x140b0b93c GetAtomNameA
0x140b0b944 GetConsoleMode
0x140b0b94c GetCurrentProcess
0x140b0b954 GetCurrentProcessId
0x140b0b95c GetCurrentThread
0x140b0b964 GetCurrentThreadId
0x140b0b96c GetEnvironmentStringsW
0x140b0b974 GetHandleInformation
0x140b0b97c GetLastError
0x140b0b984 GetModuleHandleW
0x140b0b98c GetProcAddress
0x140b0b994 GetProcessAffinityMask
0x140b0b99c GetQueuedCompletionStatusEx
0x140b0b9a4 GetStartupInfoA
0x140b0b9ac GetStdHandle
0x140b0b9b4 GetSystemDirectoryA
0x140b0b9bc GetSystemInfo
0x140b0b9c4 GetSystemTimeAsFileTime
0x140b0b9cc GetThreadContext
0x140b0b9d4 GetThreadPriority
0x140b0b9dc GetTickCount
0x140b0b9e4 GlobalAlloc
0x140b0b9ec GlobalFree
0x140b0b9f4 GlobalLock
0x140b0b9fc GlobalUnlock
0x140b0ba04 InitializeCriticalSection
0x140b0ba0c IsDBCSLeadByteEx
0x140b0ba14 IsDebuggerPresent
0x140b0ba1c LeaveCriticalSection
0x140b0ba24 LoadLibraryA
0x140b0ba2c LoadLibraryW
0x140b0ba34 LocalFree
0x140b0ba3c MultiByteToWideChar
0x140b0ba44 OpenProcess
0x140b0ba4c OutputDebugStringA
0x140b0ba54 PostQueuedCompletionStatus
0x140b0ba5c QueryPerformanceCounter
0x140b0ba64 QueryPerformanceFrequency
0x140b0ba6c RaiseException
0x140b0ba74 ReleaseMutex
0x140b0ba7c ReleaseSemaphore
0x140b0ba84 RemoveVectoredExceptionHandler
0x140b0ba8c ResetEvent
0x140b0ba94 ResumeThread
0x140b0ba9c SetConsoleCtrlHandler
0x140b0baa4 SetErrorMode
0x140b0baac SetEvent
0x140b0bab4 SetLastError
0x140b0babc SetProcessAffinityMask
0x140b0bac4 SetProcessPriorityBoost
0x140b0bacc SetThreadContext
0x140b0bad4 SetThreadPriority
0x140b0badc SetUnhandledExceptionFilter
0x140b0bae4 SetWaitableTimer
0x140b0baec Sleep
0x140b0baf4 SuspendThread
0x140b0bafc SwitchToThread
0x140b0bb04 TlsAlloc
0x140b0bb0c TlsFree
0x140b0bb14 TlsGetValue
0x140b0bb1c TlsSetValue
0x140b0bb24 TryEnterCriticalSection
0x140b0bb2c VirtualAlloc
0x140b0bb34 VirtualFree
0x140b0bb3c VirtualProtect
0x140b0bb44 VirtualQuery
0x140b0bb4c WaitForMultipleObjects
0x140b0bb54 WaitForSingleObject
0x140b0bb5c WideCharToMultiByte
0x140b0bb64 WriteConsoleW
0x140b0bb6c WriteFile
0x140b0bb74 __C_specific_handler
msvcrt.dll
0x140b0bb84 ___lc_codepage_func
0x140b0bb8c ___mb_cur_max_func
0x140b0bb94 __getmainargs
0x140b0bb9c __initenv
0x140b0bba4 __iob_func
0x140b0bbac __lconv_init
0x140b0bbb4 __set_app_type
0x140b0bbbc __setusermatherr
0x140b0bbc4 _acmdln
0x140b0bbcc _amsg_exit
0x140b0bbd4 _beginthread
0x140b0bbdc _beginthreadex
0x140b0bbe4 _cexit
0x140b0bbec _commode
0x140b0bbf4 _endthreadex
0x140b0bbfc _errno
0x140b0bc04 _fmode
0x140b0bc0c _initterm
0x140b0bc14 _lock
0x140b0bc1c _memccpy
0x140b0bc24 _onexit
0x140b0bc2c _setjmp
0x140b0bc34 _strdup
0x140b0bc3c _ultoa
0x140b0bc44 _unlock
0x140b0bc4c _wassert
0x140b0bc54 abort
0x140b0bc5c calloc
0x140b0bc64 exit
0x140b0bc6c fprintf
0x140b0bc74 fputc
0x140b0bc7c free
0x140b0bc84 fwrite
0x140b0bc8c getc
0x140b0bc94 islower
0x140b0bc9c isspace
0x140b0bca4 isupper
0x140b0bcac isxdigit
0x140b0bcb4 localeconv
0x140b0bcbc longjmp
0x140b0bcc4 malloc
0x140b0bccc memcpy
0x140b0bcd4 memmove
0x140b0bcdc memset
0x140b0bce4 printf
0x140b0bcec qsort
0x140b0bcf4 realloc
0x140b0bcfc signal
0x140b0bd04 strcmp
0x140b0bd0c strerror
0x140b0bd14 strlen
0x140b0bd1c strncmp
0x140b0bd24 strstr
0x140b0bd2c strtol
0x140b0bd34 strtoul
0x140b0bd3c tolower
0x140b0bd44 ungetc
0x140b0bd4c vfprintf
0x140b0bd54 wcscmp
0x140b0bd5c wcscpy
0x140b0bd64 wcslen
OPENGL32.dll
0x140b0bd74 wglGetProcAddress
SHELL32.dll
0x140b0bd84 DragAcceptFiles
0x140b0bd8c DragFinish
0x140b0bd94 DragQueryFileW
0x140b0bd9c DragQueryPoint
USER32.dll
0x140b0bdac AdjustWindowRectEx
0x140b0bdb4 BringWindowToTop
0x140b0bdbc ChangeDisplaySettingsExW
0x140b0bdc4 ClientToScreen
0x140b0bdcc ClipCursor
0x140b0bdd4 CloseClipboard
0x140b0bddc CopyIcon
0x140b0bde4 CreateIconIndirect
0x140b0bdec CreateWindowExW
0x140b0bdf4 DefWindowProcW
0x140b0bdfc DestroyIcon
0x140b0be04 DestroyWindow
0x140b0be0c DispatchMessageW
0x140b0be14 EmptyClipboard
0x140b0be1c EnumDisplayDevicesW
0x140b0be24 EnumDisplaySettingsExW
0x140b0be2c EnumDisplaySettingsW
0x140b0be34 GetActiveWindow
0x140b0be3c GetAsyncKeyState
0x140b0be44 GetClassLongPtrW
0x140b0be4c GetClientRect
0x140b0be54 GetClipboardData
0x140b0be5c GetCursorPos
0x140b0be64 GetDC
0x140b0be6c GetKeyNameTextW
0x140b0be74 GetKeyState
0x140b0be7c GetMessageTime
0x140b0be84 GetPropW
0x140b0be8c GetRawInputDeviceInfoA
0x140b0be94 GetRawInputDeviceList
0x140b0be9c GetSystemMetrics
0x140b0bea4 GetWindowLongW
0x140b0beac GetWindowRect
0x140b0beb4 IsIconic
0x140b0bebc IsWindowVisible
0x140b0bec4 IsZoomed
0x140b0becc LoadCursorW
0x140b0bed4 LoadImageW
0x140b0bedc MoveWindow
0x140b0bee4 MsgWaitForMultipleObjects
0x140b0beec OpenClipboard
0x140b0bef4 PeekMessageW
0x140b0befc PostMessageW
0x140b0bf04 PtInRect
0x140b0bf0c RegisterClassExW
0x140b0bf14 RegisterDeviceNotificationW
0x140b0bf1c ReleaseCapture
0x140b0bf24 ReleaseDC
0x140b0bf2c RemovePropW
0x140b0bf34 ScreenToClient
0x140b0bf3c SendMessageW
0x140b0bf44 SetCapture
0x140b0bf4c SetClipboardData
0x140b0bf54 SetCursor
0x140b0bf5c SetCursorPos
0x140b0bf64 SetFocus
0x140b0bf6c SetForegroundWindow
0x140b0bf74 SetPropW
0x140b0bf7c SetRect
0x140b0bf84 SetWindowLongW
0x140b0bf8c SetWindowPos
0x140b0bf94 SetWindowTextW
0x140b0bf9c ShowWindow
0x140b0bfa4 SystemParametersInfoW
0x140b0bfac TrackMouseEvent
0x140b0bfb4 TranslateMessage
0x140b0bfbc UnregisterClassW
0x140b0bfc4 WaitMessage
0x140b0bfcc WindowFromPoint
EAT(Export Address Table) Library
0x140b08f00 _cgo_dummy_export
0x140538d30 glowDebugCallback_glcore33
0x140545650 goCharCB
0x1405456a0 goCharModsCB
0x140545520 goCursorEnterCB
0x1405454b0 goCursorPosCB
0x140545700 goDropCB
0x1405453a0 goErrorCB
0x140545880 goFramebufferSizeCB
0x140545400 goJoystickCB
0x1405455e0 goKeyCB
0x140545770 goMonitorCB
0x140545450 goMouseButtonCB
0x140545570 goScrollCB
0x1405458e0 goWindowCloseCB
0x140545980 goWindowFocusCB
0x1405459d0 goWindowIconifyCB
0x1405457c0 goWindowPosCB
0x140545930 goWindowRefreshCB
0x140545820 goWindowSizeCB