ScreenShot
| Created | 2024.08.09 11:21 | Machine | s1_win7_x6401 |
| Filename | Filemy.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 1 detected (AIDetectMalware) | ||
| md5 | 850a43e323656b86ae665d8b4fd71369 | ||
| sha256 | 539423d2e436e198df15b5577d816dc306ba4c03b1362f7731e675b51f4a5f42 | ||
| ssdeep | 6144:WEq38uejOBA0ItZ1PNWPQqLlXXXXVXDBsXdZC/R0EjW0VnXNvdroJ:/q0jOBARWPRLlXXXXVXSXdZk0EjW0VnM | ||
| imphash | f24c4fa95541488eed81258d72fa6336 | ||
| impfuzzy | 96:Az/yOP/PIm4/ohx/bhm/Nj21Zf/A8/V+dhEgBeKuGk8vELSVcpV5zfahp:Az1PIm4w9NyNj21ZnBVwPBqvfahp | ||
Network IP location
Signature (1cnts)
| Level | Description |
|---|---|
| notice | File has been identified by one AntiVirus engine on VirusTotal as malicious |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
desktop_drop_plugin.dll
0x140027390 DesktopDropPluginRegisterWithRegistrar
desktop_multi_window_plugin.dll
0x1400273a0 DesktopMultiWindowSetWindowCreatedCallback
0x1400273a8 DesktopMultiWindowPluginRegisterWithRegistrar
file_selector_windows_plugin.dll
0x1400273b8 FileSelectorWindowsRegisterWithRegistrar
flutter_custom_cursor_plugin.dll
0x1400273c8 FlutterCustomCursorPluginRegisterWithRegistrar
flutter_gpu_texture_renderer_plugin.dll
0x1400273d8 FlutterGpuTextureRendererPluginCApiRegisterWithRegistrar
screen_retriever_plugin.dll
0x1400274b8 ScreenRetrieverPluginRegisterWithRegistrar
texture_rgba_renderer_plugin.dll
0x1400274c8 TextureRgbaRendererPluginCApiRegisterWithRegistrar
uni_links_desktop_plugin.dll
0x1400274d8 UniLinksDesktopPluginRegisterWithRegistrar
0x1400274e0 DispatchToUniLinksDesktop
url_launcher_windows_plugin.dll
0x1400274f0 UrlLauncherWindowsRegisterWithRegistrar
window_manager_plugin.dll
0x140027500 WindowManagerPluginRegisterWithRegistrar
window_size_plugin.dll
0x140027510 WindowSizePluginRegisterWithRegistrar
flutter_windows.dll
0x1400273e8 FlutterDesktopMessengerRelease
0x1400273f0 FlutterDesktopMessengerAddRef
0x1400273f8 FlutterDesktopMessengerSetCallback
0x140027400 FlutterDesktopMessengerSendResponse
0x140027408 FlutterDesktopMessengerSendWithReply
0x140027410 FlutterDesktopMessengerSend
0x140027418 FlutterDesktopViewControllerHandleTopLevelWindowProc
0x140027420 FlutterDesktopViewControllerGetView
0x140027428 FlutterDesktopViewControllerDestroy
0x140027430 FlutterDesktopViewControllerCreate
0x140027438 FlutterDesktopEngineGetMessenger
0x140027440 FlutterDesktopEngineGetPluginRegistrar
0x140027448 FlutterDesktopEngineReloadSystemFonts
0x140027450 FlutterDesktopEngineDestroy
0x140027458 FlutterDesktopEngineCreate
0x140027460 FlutterDesktopGetDpiForMonitor
0x140027468 FlutterDesktopResyncOutputStreams
0x140027470 FlutterDesktopViewGetHWND
0x140027478 FlutterDesktopMessengerIsAvailable
0x140027480 FlutterDesktopMessengerLock
0x140027488 FlutterDesktopMessengerUnlock
KERNEL32.dll
0x140027000 WriteConsoleW
0x140027008 SetEndOfFile
0x140027010 HeapSize
0x140027018 CreateFileW
0x140027020 GetProcessHeap
0x140027028 FreeEnvironmentStringsW
0x140027030 GetEnvironmentStringsW
0x140027038 GetCommandLineA
0x140027040 GetOEMCP
0x140027048 GetACP
0x140027050 IsValidCodePage
0x140027058 FindNextFileW
0x140027060 FindFirstFileExW
0x140027068 FindClose
0x140027070 HeapReAlloc
0x140027078 ReadConsoleW
0x140027080 SetFilePointerEx
0x140027088 GetFileSizeEx
0x140027090 ReadFile
0x140027098 GetConsoleMode
0x1400270a0 GetConsoleOutputCP
0x1400270a8 FlushFileBuffers
0x1400270b0 CloseHandle
0x1400270b8 SetStdHandle
0x1400270c0 GetFileType
0x1400270c8 EnumSystemLocalesW
0x1400270d0 GetUserDefaultLCID
0x1400270d8 IsValidLocale
0x1400270e0 GetLocaleInfoW
0x1400270e8 LCMapStringW
0x1400270f0 FlsFree
0x1400270f8 FlsSetValue
0x140027100 FlsGetValue
0x140027108 FlsAlloc
0x140027110 HeapAlloc
0x140027118 HeapFree
0x140027120 WriteFile
0x140027128 GetStdHandle
0x140027130 GetModuleFileNameW
0x140027138 GetModuleHandleExW
0x140027140 ExitProcess
0x140027148 DuplicateHandle
0x140027150 LoadLibraryExW
0x140027158 TlsFree
0x140027160 TlsSetValue
0x140027168 IsDebuggerPresent
0x140027170 GetProcAddress
0x140027178 LoadLibraryA
0x140027180 AttachConsole
0x140027188 GetCommandLineW
0x140027190 LocalFree
0x140027198 WideCharToMultiByte
0x1400271a0 AllocConsole
0x1400271a8 FreeLibrary
0x1400271b0 GetModuleHandleW
0x1400271b8 TlsGetValue
0x1400271c0 TlsAlloc
0x1400271c8 InitializeCriticalSectionAndSpinCount
0x1400271d0 SetLastError
0x1400271d8 GetLastError
0x1400271e0 RaiseException
0x1400271e8 RtlPcToFileHeader
0x1400271f0 RtlUnwindEx
0x1400271f8 InitializeSListHead
0x140027200 GetSystemTimeAsFileTime
0x140027208 GetCurrentThreadId
0x140027210 GetCurrentProcessId
0x140027218 QueryPerformanceCounter
0x140027220 GetStartupInfoW
0x140027228 IsProcessorFeaturePresent
0x140027230 TerminateProcess
0x140027238 GetCurrentProcess
0x140027240 SetUnhandledExceptionFilter
0x140027248 UnhandledExceptionFilter
0x140027250 RtlVirtualUnwind
0x140027258 RtlLookupFunctionEntry
0x140027260 RtlCaptureContext
0x140027268 GetCPInfo
0x140027270 RtlUnwind
0x140027278 EnterCriticalSection
0x140027280 LeaveCriticalSection
0x140027288 InitializeCriticalSectionEx
0x140027290 DeleteCriticalSection
0x140027298 EncodePointer
0x1400272a0 DecodePointer
0x1400272a8 MultiByteToWideChar
0x1400272b0 LCMapStringEx
0x1400272b8 GetStringTypeW
USER32.dll
0x1400272d8 TranslateMessage
0x1400272e0 GetMessageW
0x1400272e8 CreateWindowExW
0x1400272f0 ShowWindow
0x1400272f8 MonitorFromPoint
0x140027300 LoadIconW
0x140027308 LoadCursorW
0x140027310 SetParent
0x140027318 SetWindowLongPtrW
0x140027320 GetWindowLongPtrW
0x140027328 GetClientRect
0x140027330 SetFocus
0x140027338 SetWindowPos
0x140027340 MoveWindow
0x140027348 DestroyWindow
0x140027350 SetForegroundWindow
0x140027358 UnregisterClassW
0x140027360 RegisterClassW
0x140027368 PostQuitMessage
0x140027370 DefWindowProcW
0x140027378 FindWindowW
0x140027380 DispatchMessageW
SHELL32.dll
0x1400272c8 CommandLineToArgvW
ole32.dll
0x140027498 CoInitializeEx
0x1400274a0 CoCreateInstance
0x1400274a8 CoUninitialize
EAT(Export Address Table) is none
desktop_drop_plugin.dll
0x140027390 DesktopDropPluginRegisterWithRegistrar
desktop_multi_window_plugin.dll
0x1400273a0 DesktopMultiWindowSetWindowCreatedCallback
0x1400273a8 DesktopMultiWindowPluginRegisterWithRegistrar
file_selector_windows_plugin.dll
0x1400273b8 FileSelectorWindowsRegisterWithRegistrar
flutter_custom_cursor_plugin.dll
0x1400273c8 FlutterCustomCursorPluginRegisterWithRegistrar
flutter_gpu_texture_renderer_plugin.dll
0x1400273d8 FlutterGpuTextureRendererPluginCApiRegisterWithRegistrar
screen_retriever_plugin.dll
0x1400274b8 ScreenRetrieverPluginRegisterWithRegistrar
texture_rgba_renderer_plugin.dll
0x1400274c8 TextureRgbaRendererPluginCApiRegisterWithRegistrar
uni_links_desktop_plugin.dll
0x1400274d8 UniLinksDesktopPluginRegisterWithRegistrar
0x1400274e0 DispatchToUniLinksDesktop
url_launcher_windows_plugin.dll
0x1400274f0 UrlLauncherWindowsRegisterWithRegistrar
window_manager_plugin.dll
0x140027500 WindowManagerPluginRegisterWithRegistrar
window_size_plugin.dll
0x140027510 WindowSizePluginRegisterWithRegistrar
flutter_windows.dll
0x1400273e8 FlutterDesktopMessengerRelease
0x1400273f0 FlutterDesktopMessengerAddRef
0x1400273f8 FlutterDesktopMessengerSetCallback
0x140027400 FlutterDesktopMessengerSendResponse
0x140027408 FlutterDesktopMessengerSendWithReply
0x140027410 FlutterDesktopMessengerSend
0x140027418 FlutterDesktopViewControllerHandleTopLevelWindowProc
0x140027420 FlutterDesktopViewControllerGetView
0x140027428 FlutterDesktopViewControllerDestroy
0x140027430 FlutterDesktopViewControllerCreate
0x140027438 FlutterDesktopEngineGetMessenger
0x140027440 FlutterDesktopEngineGetPluginRegistrar
0x140027448 FlutterDesktopEngineReloadSystemFonts
0x140027450 FlutterDesktopEngineDestroy
0x140027458 FlutterDesktopEngineCreate
0x140027460 FlutterDesktopGetDpiForMonitor
0x140027468 FlutterDesktopResyncOutputStreams
0x140027470 FlutterDesktopViewGetHWND
0x140027478 FlutterDesktopMessengerIsAvailable
0x140027480 FlutterDesktopMessengerLock
0x140027488 FlutterDesktopMessengerUnlock
KERNEL32.dll
0x140027000 WriteConsoleW
0x140027008 SetEndOfFile
0x140027010 HeapSize
0x140027018 CreateFileW
0x140027020 GetProcessHeap
0x140027028 FreeEnvironmentStringsW
0x140027030 GetEnvironmentStringsW
0x140027038 GetCommandLineA
0x140027040 GetOEMCP
0x140027048 GetACP
0x140027050 IsValidCodePage
0x140027058 FindNextFileW
0x140027060 FindFirstFileExW
0x140027068 FindClose
0x140027070 HeapReAlloc
0x140027078 ReadConsoleW
0x140027080 SetFilePointerEx
0x140027088 GetFileSizeEx
0x140027090 ReadFile
0x140027098 GetConsoleMode
0x1400270a0 GetConsoleOutputCP
0x1400270a8 FlushFileBuffers
0x1400270b0 CloseHandle
0x1400270b8 SetStdHandle
0x1400270c0 GetFileType
0x1400270c8 EnumSystemLocalesW
0x1400270d0 GetUserDefaultLCID
0x1400270d8 IsValidLocale
0x1400270e0 GetLocaleInfoW
0x1400270e8 LCMapStringW
0x1400270f0 FlsFree
0x1400270f8 FlsSetValue
0x140027100 FlsGetValue
0x140027108 FlsAlloc
0x140027110 HeapAlloc
0x140027118 HeapFree
0x140027120 WriteFile
0x140027128 GetStdHandle
0x140027130 GetModuleFileNameW
0x140027138 GetModuleHandleExW
0x140027140 ExitProcess
0x140027148 DuplicateHandle
0x140027150 LoadLibraryExW
0x140027158 TlsFree
0x140027160 TlsSetValue
0x140027168 IsDebuggerPresent
0x140027170 GetProcAddress
0x140027178 LoadLibraryA
0x140027180 AttachConsole
0x140027188 GetCommandLineW
0x140027190 LocalFree
0x140027198 WideCharToMultiByte
0x1400271a0 AllocConsole
0x1400271a8 FreeLibrary
0x1400271b0 GetModuleHandleW
0x1400271b8 TlsGetValue
0x1400271c0 TlsAlloc
0x1400271c8 InitializeCriticalSectionAndSpinCount
0x1400271d0 SetLastError
0x1400271d8 GetLastError
0x1400271e0 RaiseException
0x1400271e8 RtlPcToFileHeader
0x1400271f0 RtlUnwindEx
0x1400271f8 InitializeSListHead
0x140027200 GetSystemTimeAsFileTime
0x140027208 GetCurrentThreadId
0x140027210 GetCurrentProcessId
0x140027218 QueryPerformanceCounter
0x140027220 GetStartupInfoW
0x140027228 IsProcessorFeaturePresent
0x140027230 TerminateProcess
0x140027238 GetCurrentProcess
0x140027240 SetUnhandledExceptionFilter
0x140027248 UnhandledExceptionFilter
0x140027250 RtlVirtualUnwind
0x140027258 RtlLookupFunctionEntry
0x140027260 RtlCaptureContext
0x140027268 GetCPInfo
0x140027270 RtlUnwind
0x140027278 EnterCriticalSection
0x140027280 LeaveCriticalSection
0x140027288 InitializeCriticalSectionEx
0x140027290 DeleteCriticalSection
0x140027298 EncodePointer
0x1400272a0 DecodePointer
0x1400272a8 MultiByteToWideChar
0x1400272b0 LCMapStringEx
0x1400272b8 GetStringTypeW
USER32.dll
0x1400272d8 TranslateMessage
0x1400272e0 GetMessageW
0x1400272e8 CreateWindowExW
0x1400272f0 ShowWindow
0x1400272f8 MonitorFromPoint
0x140027300 LoadIconW
0x140027308 LoadCursorW
0x140027310 SetParent
0x140027318 SetWindowLongPtrW
0x140027320 GetWindowLongPtrW
0x140027328 GetClientRect
0x140027330 SetFocus
0x140027338 SetWindowPos
0x140027340 MoveWindow
0x140027348 DestroyWindow
0x140027350 SetForegroundWindow
0x140027358 UnregisterClassW
0x140027360 RegisterClassW
0x140027368 PostQuitMessage
0x140027370 DefWindowProcW
0x140027378 FindWindowW
0x140027380 DispatchMessageW
SHELL32.dll
0x1400272c8 CommandLineToArgvW
ole32.dll
0x140027498 CoInitializeEx
0x1400274a0 CoCreateInstance
0x1400274a8 CoUninitialize
EAT(Export Address Table) is none