ScreenShot
| Created | 2024.07.29 17:16 | Machine | s1_win7_x6403_us |
| Filename | runner.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 41 detected (Common, Unsafe, Genus, DAJA, Rugmi, Artemis, DangerousSig, Penguish, MalCert, CLASSIC, Nekark, xptql, Packed2, VIDAR, YXEGBZ, BadCert, Detected, ai score=80, BMHRA8, ABTrojan, OGGB, MALICIOUS, FakeSig, Chgt, susgen) | ||
| md5 | d095b91d348e777c95b845c77246022f | ||
| sha256 | 633cbe5aeee1f6ca06e39ace57475ab53f5b5604fd06eb2a4d29d9c428324597 | ||
| ssdeep | 24576:piG03BDY5HDQ/WIXZmUVXuTBk/n3MjCL/xMTO:UJYZgBVncja/xqO | ||
| imphash | e3e62d98ab20000990c4a887192c5b6f | ||
| impfuzzy | 96:wbB0f4RaxMZB8LarJ5vf8p2Ah8Hpyq9IaKZsgSKoK:aBnRlb9l5+q9IaKfd | ||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 41 AntiVirus engines on VirusTotal as malicious |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | One or more processes crashed |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x140038118 TzSpecificLocalTimeToSystemTime
0x140038120 SystemTimeToTzSpecificLocalTime
0x140038128 FileTimeToSystemTime
0x140038130 FileTimeToLocalFileTime
0x140038138 GetFileTime
0x140038140 GetSystemTimeAsFileTime
0x140038148 GetDateFormatW
0x140038150 GetTimeFormatW
0x140038158 EnumTimeFormatsW
0x140038160 EnumDateFormatsW
0x140038168 GetUserDefaultLCID
0x140038170 FindNextFileW
0x140038178 CreateThread
0x140038180 GetTempFileNameW
0x140038188 GetCurrentProcessId
0x140038190 ReadFile
0x140038198 GetTimeZoneInformation
0x1400381a0 CompareStringW
0x1400381a8 CompareStringA
0x1400381b0 GetProcessHeap
0x1400381b8 SetEndOfFile
0x1400381c0 CreateFileA
0x1400381c8 GetLocaleInfoA
0x1400381d0 GetStringTypeW
0x1400381d8 GetStringTypeA
0x1400381e0 LCMapStringA
0x1400381e8 WriteConsoleW
0x1400381f0 GetConsoleOutputCP
0x1400381f8 WriteConsoleA
0x140038200 FlushFileBuffers
0x140038208 SetStdHandle
0x140038210 GetTickCount
0x140038218 QueryPerformanceCounter
0x140038220 GetCommandLineW
0x140038228 GetEnvironmentStringsW
0x140038230 LCMapStringW
0x140038238 HeapSize
0x140038240 HeapReAlloc
0x140038248 HeapCreate
0x140038250 HeapSetInformation
0x140038258 SetFilePointer
0x140038260 GetStartupInfoA
0x140038268 GetFileType
0x140038270 SetHandleCount
0x140038278 InitializeCriticalSectionAndSpinCount
0x140038280 LoadLibraryA
0x140038288 GetModuleFileNameA
0x140038290 GetStdHandle
0x140038298 IsValidCodePage
0x1400382a0 GetOEMCP
0x1400382a8 GetACP
0x1400382b0 GetCPInfo
0x1400382b8 GetConsoleMode
0x1400382c0 GetConsoleCP
0x1400382c8 FlsAlloc
0x1400382d0 SetLastError
0x1400382d8 FlsFree
0x1400382e0 FlsSetValue
0x1400382e8 FlsGetValue
0x1400382f0 DecodePointer
0x1400382f8 EncodePointer
0x140038300 GetStartupInfoW
0x140038308 HeapFree
0x140038310 HeapAlloc
0x140038318 ExitProcess
0x140038320 Sleep
0x140038328 RtlUnwindEx
0x140038330 RtlPcToFileHeader
0x140038338 RtlCaptureContext
0x140038340 RtlLookupFunctionEntry
0x140038348 RtlVirtualUnwind
0x140038350 IsDebuggerPresent
0x140038358 SetUnhandledExceptionFilter
0x140038360 UnhandledExceptionFilter
0x140038368 GetCurrentProcess
0x140038370 TerminateProcess
0x140038378 GetFullPathNameW
0x140038380 GetUserDefaultLangID
0x140038388 DeleteFileW
0x140038390 GetTempPathW
0x140038398 CreateDirectoryW
0x1400383a0 LoadLibraryExW
0x1400383a8 FindResourceW
0x1400383b0 LoadResource
0x1400383b8 SizeofResource
0x1400383c0 FreeLibrary
0x1400383c8 lstrcmpiW
0x1400383d0 LeaveCriticalSection
0x1400383d8 EnterCriticalSection
0x1400383e0 WideCharToMultiByte
0x1400383e8 WriteFile
0x1400383f0 GetLastError
0x1400383f8 DeleteCriticalSection
0x140038400 InitializeCriticalSection
0x140038408 SetEnvironmentVariableA
0x140038410 RaiseException
0x140038418 GetModuleFileNameW
0x140038420 GetPrivateProfileStringW
0x140038428 WritePrivateProfileStringW
0x140038430 GetLocalTime
0x140038438 GetCurrentThreadId
0x140038440 OutputDebugStringW
0x140038448 DebugBreak
0x140038450 GetModuleHandleW
0x140038458 GetProcAddress
0x140038460 LoadLibraryW
0x140038468 lstrcatW
0x140038470 FindFirstFileW
0x140038478 FindClose
0x140038480 lstrcpynW
0x140038488 lstrlenA
0x140038490 GetFileAttributesW
0x140038498 SetFileAttributesW
0x1400384a0 CreateFileW
0x1400384a8 SystemTimeToFileTime
0x1400384b0 LocalFileTimeToFileTime
0x1400384b8 SetFileTime
0x1400384c0 CloseHandle
0x1400384c8 MultiByteToWideChar
0x1400384d0 lstrlenW
0x1400384d8 GlobalAlloc
0x1400384e0 GlobalLock
0x1400384e8 lstrcpyW
0x1400384f0 FreeEnvironmentStringsW
0x1400384f8 GlobalUnlock
USER32.dll
0x140038570 RedrawWindow
0x140038578 CheckMenuItem
0x140038580 DestroyMenu
0x140038588 GetCursorPos
0x140038590 GetKeyState
0x140038598 SetRect
0x1400385a0 GetWindowPlacement
0x1400385a8 SetParent
0x1400385b0 GetFocus
0x1400385b8 InsertMenuW
0x1400385c0 KillTimer
0x1400385c8 GetDlgItem
0x1400385d0 EndDialog
0x1400385d8 SetWindowTextW
0x1400385e0 DialogBoxParamW
0x1400385e8 CopyRect
0x1400385f0 GetClientRect
0x1400385f8 GetMessagePos
0x140038600 GetMenuItemCount
0x140038608 UnhookWindowsHookEx
0x140038610 TrackPopupMenuEx
0x140038618 GetSubMenu
0x140038620 GetActiveWindow
0x140038628 IsWindowVisible
0x140038630 GetSysColorBrush
0x140038638 SetMenuItemInfoW
0x140038640 TrackPopupMenu
0x140038648 SendDlgItemMessageW
0x140038650 ClientToScreen
0x140038658 MoveWindow
0x140038660 GetSysColor
0x140038668 LoadAcceleratorsW
0x140038670 TranslateAcceleratorW
0x140038678 TranslateMessage
0x140038680 DispatchMessageW
0x140038688 GetMessageW
0x140038690 EnableWindow
0x140038698 wsprintfW
0x1400386a0 ScreenToClient
0x1400386a8 LoadIconW
0x1400386b0 LoadCursorW
0x1400386b8 RegisterClassExW
0x1400386c0 DestroyWindow
0x1400386c8 PostQuitMessage
0x1400386d0 BeginPaint
0x1400386d8 EndPaint
0x1400386e0 InvalidateRect
0x1400386e8 GetDlgCtrlID
0x1400386f0 CreateWindowExW
0x1400386f8 ShowWindow
0x140038700 SetWindowsHookExW
0x140038708 CallNextHookEx
0x140038710 GetDC
0x140038718 GetWindowTextW
0x140038720 GetParent
0x140038728 GetClassNameW
0x140038730 CharNextW
0x140038738 CharLowerW
0x140038740 DefWindowProcW
0x140038748 GetMenuItemInfoW
0x140038750 DrawTextW
0x140038758 wvsprintfW
0x140038760 PostMessageW
0x140038768 GetWindowLongPtrW
0x140038770 SetWindowLongPtrW
0x140038778 CallWindowProcW
0x140038780 GetWindowLongW
0x140038788 SetWindowLongW
0x140038790 SetWindowPos
0x140038798 MapWindowPoints
0x1400387a0 GetWindowRect
0x1400387a8 OffsetRect
0x1400387b0 ReleaseDC
0x1400387b8 SetPropW
0x1400387c0 SystemParametersInfoW
0x1400387c8 GetSystemMetrics
0x1400387d0 LoadImageW
0x1400387d8 SetTimer
0x1400387e0 LoadMenuW
0x1400387e8 SetMenu
0x1400387f0 CreateMenu
0x1400387f8 CreatePopupMenu
0x140038800 AppendMenuW
0x140038808 MessageBoxW
0x140038810 GetClipboardData
0x140038818 LoadStringW
0x140038820 OpenClipboard
0x140038828 EmptyClipboard
0x140038830 SetClipboardData
0x140038838 CloseClipboard
0x140038840 SendMessageW
GDI32.dll
0x140038090 GetCurrentObject
0x140038098 SetPixel
0x1400380a0 GetStockObject
0x1400380a8 GetObjectW
0x1400380b0 CreateFontIndirectW
0x1400380b8 SetTextColor
0x1400380c0 ExtTextOutW
0x1400380c8 SetBkColor
0x1400380d0 SetBkMode
0x1400380d8 CreateSolidBrush
0x1400380e0 GetClipBox
0x1400380e8 OffsetWindowOrgEx
0x1400380f0 SelectObject
0x1400380f8 GetTextExtentPoint32W
0x140038100 GetDeviceCaps
0x140038108 DeleteObject
COMDLG32.dll
0x140038080 GetOpenFileNameW
ADVAPI32.dll
0x140038000 RegDeleteValueW
0x140038008 RegCloseKey
0x140038010 RegCreateKeyExW
0x140038018 RegOpenKeyExW
0x140038020 RegSetValueExW
0x140038028 RegQueryInfoKeyW
0x140038030 RegDeleteKeyW
0x140038038 RegEnumKeyExW
SHELL32.dll
0x140038528 DragQueryFileW
0x140038530 DragFinish
0x140038538 ShellExecuteExW
0x140038540 SHGetSpecialFolderPathW
0x140038548 SHGetMalloc
0x140038550 SHBrowseForFolderW
0x140038558 SHGetPathFromIDListW
0x140038560 ShellExecuteW
ole32.dll
0x140038850 CoTaskMemFree
0x140038858 CoTaskMemRealloc
0x140038860 CoTaskMemAlloc
0x140038868 CoCreateInstance
0x140038870 OleInitialize
OLEAUT32.dll
0x140038508 VarDateFromStr
0x140038510 VarUI4FromStr
0x140038518 SysAllocStringLen
COMCTL32.dll
0x140038048 None
0x140038050 InitCommonControlsEx
0x140038058 ImageList_ReplaceIcon
0x140038060 ImageList_Create
0x140038068 ImageList_DrawEx
0x140038070 ImageList_Draw
EAT(Export Address Table) is none
KERNEL32.dll
0x140038118 TzSpecificLocalTimeToSystemTime
0x140038120 SystemTimeToTzSpecificLocalTime
0x140038128 FileTimeToSystemTime
0x140038130 FileTimeToLocalFileTime
0x140038138 GetFileTime
0x140038140 GetSystemTimeAsFileTime
0x140038148 GetDateFormatW
0x140038150 GetTimeFormatW
0x140038158 EnumTimeFormatsW
0x140038160 EnumDateFormatsW
0x140038168 GetUserDefaultLCID
0x140038170 FindNextFileW
0x140038178 CreateThread
0x140038180 GetTempFileNameW
0x140038188 GetCurrentProcessId
0x140038190 ReadFile
0x140038198 GetTimeZoneInformation
0x1400381a0 CompareStringW
0x1400381a8 CompareStringA
0x1400381b0 GetProcessHeap
0x1400381b8 SetEndOfFile
0x1400381c0 CreateFileA
0x1400381c8 GetLocaleInfoA
0x1400381d0 GetStringTypeW
0x1400381d8 GetStringTypeA
0x1400381e0 LCMapStringA
0x1400381e8 WriteConsoleW
0x1400381f0 GetConsoleOutputCP
0x1400381f8 WriteConsoleA
0x140038200 FlushFileBuffers
0x140038208 SetStdHandle
0x140038210 GetTickCount
0x140038218 QueryPerformanceCounter
0x140038220 GetCommandLineW
0x140038228 GetEnvironmentStringsW
0x140038230 LCMapStringW
0x140038238 HeapSize
0x140038240 HeapReAlloc
0x140038248 HeapCreate
0x140038250 HeapSetInformation
0x140038258 SetFilePointer
0x140038260 GetStartupInfoA
0x140038268 GetFileType
0x140038270 SetHandleCount
0x140038278 InitializeCriticalSectionAndSpinCount
0x140038280 LoadLibraryA
0x140038288 GetModuleFileNameA
0x140038290 GetStdHandle
0x140038298 IsValidCodePage
0x1400382a0 GetOEMCP
0x1400382a8 GetACP
0x1400382b0 GetCPInfo
0x1400382b8 GetConsoleMode
0x1400382c0 GetConsoleCP
0x1400382c8 FlsAlloc
0x1400382d0 SetLastError
0x1400382d8 FlsFree
0x1400382e0 FlsSetValue
0x1400382e8 FlsGetValue
0x1400382f0 DecodePointer
0x1400382f8 EncodePointer
0x140038300 GetStartupInfoW
0x140038308 HeapFree
0x140038310 HeapAlloc
0x140038318 ExitProcess
0x140038320 Sleep
0x140038328 RtlUnwindEx
0x140038330 RtlPcToFileHeader
0x140038338 RtlCaptureContext
0x140038340 RtlLookupFunctionEntry
0x140038348 RtlVirtualUnwind
0x140038350 IsDebuggerPresent
0x140038358 SetUnhandledExceptionFilter
0x140038360 UnhandledExceptionFilter
0x140038368 GetCurrentProcess
0x140038370 TerminateProcess
0x140038378 GetFullPathNameW
0x140038380 GetUserDefaultLangID
0x140038388 DeleteFileW
0x140038390 GetTempPathW
0x140038398 CreateDirectoryW
0x1400383a0 LoadLibraryExW
0x1400383a8 FindResourceW
0x1400383b0 LoadResource
0x1400383b8 SizeofResource
0x1400383c0 FreeLibrary
0x1400383c8 lstrcmpiW
0x1400383d0 LeaveCriticalSection
0x1400383d8 EnterCriticalSection
0x1400383e0 WideCharToMultiByte
0x1400383e8 WriteFile
0x1400383f0 GetLastError
0x1400383f8 DeleteCriticalSection
0x140038400 InitializeCriticalSection
0x140038408 SetEnvironmentVariableA
0x140038410 RaiseException
0x140038418 GetModuleFileNameW
0x140038420 GetPrivateProfileStringW
0x140038428 WritePrivateProfileStringW
0x140038430 GetLocalTime
0x140038438 GetCurrentThreadId
0x140038440 OutputDebugStringW
0x140038448 DebugBreak
0x140038450 GetModuleHandleW
0x140038458 GetProcAddress
0x140038460 LoadLibraryW
0x140038468 lstrcatW
0x140038470 FindFirstFileW
0x140038478 FindClose
0x140038480 lstrcpynW
0x140038488 lstrlenA
0x140038490 GetFileAttributesW
0x140038498 SetFileAttributesW
0x1400384a0 CreateFileW
0x1400384a8 SystemTimeToFileTime
0x1400384b0 LocalFileTimeToFileTime
0x1400384b8 SetFileTime
0x1400384c0 CloseHandle
0x1400384c8 MultiByteToWideChar
0x1400384d0 lstrlenW
0x1400384d8 GlobalAlloc
0x1400384e0 GlobalLock
0x1400384e8 lstrcpyW
0x1400384f0 FreeEnvironmentStringsW
0x1400384f8 GlobalUnlock
USER32.dll
0x140038570 RedrawWindow
0x140038578 CheckMenuItem
0x140038580 DestroyMenu
0x140038588 GetCursorPos
0x140038590 GetKeyState
0x140038598 SetRect
0x1400385a0 GetWindowPlacement
0x1400385a8 SetParent
0x1400385b0 GetFocus
0x1400385b8 InsertMenuW
0x1400385c0 KillTimer
0x1400385c8 GetDlgItem
0x1400385d0 EndDialog
0x1400385d8 SetWindowTextW
0x1400385e0 DialogBoxParamW
0x1400385e8 CopyRect
0x1400385f0 GetClientRect
0x1400385f8 GetMessagePos
0x140038600 GetMenuItemCount
0x140038608 UnhookWindowsHookEx
0x140038610 TrackPopupMenuEx
0x140038618 GetSubMenu
0x140038620 GetActiveWindow
0x140038628 IsWindowVisible
0x140038630 GetSysColorBrush
0x140038638 SetMenuItemInfoW
0x140038640 TrackPopupMenu
0x140038648 SendDlgItemMessageW
0x140038650 ClientToScreen
0x140038658 MoveWindow
0x140038660 GetSysColor
0x140038668 LoadAcceleratorsW
0x140038670 TranslateAcceleratorW
0x140038678 TranslateMessage
0x140038680 DispatchMessageW
0x140038688 GetMessageW
0x140038690 EnableWindow
0x140038698 wsprintfW
0x1400386a0 ScreenToClient
0x1400386a8 LoadIconW
0x1400386b0 LoadCursorW
0x1400386b8 RegisterClassExW
0x1400386c0 DestroyWindow
0x1400386c8 PostQuitMessage
0x1400386d0 BeginPaint
0x1400386d8 EndPaint
0x1400386e0 InvalidateRect
0x1400386e8 GetDlgCtrlID
0x1400386f0 CreateWindowExW
0x1400386f8 ShowWindow
0x140038700 SetWindowsHookExW
0x140038708 CallNextHookEx
0x140038710 GetDC
0x140038718 GetWindowTextW
0x140038720 GetParent
0x140038728 GetClassNameW
0x140038730 CharNextW
0x140038738 CharLowerW
0x140038740 DefWindowProcW
0x140038748 GetMenuItemInfoW
0x140038750 DrawTextW
0x140038758 wvsprintfW
0x140038760 PostMessageW
0x140038768 GetWindowLongPtrW
0x140038770 SetWindowLongPtrW
0x140038778 CallWindowProcW
0x140038780 GetWindowLongW
0x140038788 SetWindowLongW
0x140038790 SetWindowPos
0x140038798 MapWindowPoints
0x1400387a0 GetWindowRect
0x1400387a8 OffsetRect
0x1400387b0 ReleaseDC
0x1400387b8 SetPropW
0x1400387c0 SystemParametersInfoW
0x1400387c8 GetSystemMetrics
0x1400387d0 LoadImageW
0x1400387d8 SetTimer
0x1400387e0 LoadMenuW
0x1400387e8 SetMenu
0x1400387f0 CreateMenu
0x1400387f8 CreatePopupMenu
0x140038800 AppendMenuW
0x140038808 MessageBoxW
0x140038810 GetClipboardData
0x140038818 LoadStringW
0x140038820 OpenClipboard
0x140038828 EmptyClipboard
0x140038830 SetClipboardData
0x140038838 CloseClipboard
0x140038840 SendMessageW
GDI32.dll
0x140038090 GetCurrentObject
0x140038098 SetPixel
0x1400380a0 GetStockObject
0x1400380a8 GetObjectW
0x1400380b0 CreateFontIndirectW
0x1400380b8 SetTextColor
0x1400380c0 ExtTextOutW
0x1400380c8 SetBkColor
0x1400380d0 SetBkMode
0x1400380d8 CreateSolidBrush
0x1400380e0 GetClipBox
0x1400380e8 OffsetWindowOrgEx
0x1400380f0 SelectObject
0x1400380f8 GetTextExtentPoint32W
0x140038100 GetDeviceCaps
0x140038108 DeleteObject
COMDLG32.dll
0x140038080 GetOpenFileNameW
ADVAPI32.dll
0x140038000 RegDeleteValueW
0x140038008 RegCloseKey
0x140038010 RegCreateKeyExW
0x140038018 RegOpenKeyExW
0x140038020 RegSetValueExW
0x140038028 RegQueryInfoKeyW
0x140038030 RegDeleteKeyW
0x140038038 RegEnumKeyExW
SHELL32.dll
0x140038528 DragQueryFileW
0x140038530 DragFinish
0x140038538 ShellExecuteExW
0x140038540 SHGetSpecialFolderPathW
0x140038548 SHGetMalloc
0x140038550 SHBrowseForFolderW
0x140038558 SHGetPathFromIDListW
0x140038560 ShellExecuteW
ole32.dll
0x140038850 CoTaskMemFree
0x140038858 CoTaskMemRealloc
0x140038860 CoTaskMemAlloc
0x140038868 CoCreateInstance
0x140038870 OleInitialize
OLEAUT32.dll
0x140038508 VarDateFromStr
0x140038510 VarUI4FromStr
0x140038518 SysAllocStringLen
COMCTL32.dll
0x140038048 None
0x140038050 InitCommonControlsEx
0x140038058 ImageList_ReplaceIcon
0x140038060 ImageList_Create
0x140038068 ImageList_DrawEx
0x140038070 ImageList_Draw
EAT(Export Address Table) is none