ScreenShot
| Created | 2024.10.14 11:04 | Machine | s1_win7_x6401 |
| Filename | 1.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | |||
| VT API (file) | |||
| md5 | 81c15b0f839ae1f7d3745904b03d0910 | ||
| sha256 | 2e2ffdcb93d205faf722b60590c232f55d6695e4885a1ae97383ee8c0ab7a6ed | ||
| ssdeep | 98304:BbR4Odb8V3ZZYzuX6GG6f78bMkhEsotAfIpuvTtCTfRcaKQWZW/get9sio1Uh4Z:BVNdY3ZWkh9zW1ytNVTuaHWZgg3Ch4Z | ||
| imphash | 647bc1f32f5206c42844fc594ea13105 | ||
| impfuzzy | 48:qmB1BcpV5fS1jtdnE9uZTA5wYRVQRT0EOfw:qoBcpV5fS1jtdnEsIQRIEOfw | ||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | One or more processes crashed |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x44b038 SetStdHandle
0x44b03c GetProcessHeap
0x44b040 HeapSize
0x44b044 CreateFileW
0x44b048 LoadLibraryA
0x44b04c GetProcAddress
0x44b050 FreeLibrary
0x44b054 FreeEnvironmentStringsW
0x44b058 GetEnvironmentStringsW
0x44b05c GetCommandLineW
0x44b060 GetCommandLineA
0x44b064 GetOEMCP
0x44b068 GetACP
0x44b06c IsValidCodePage
0x44b070 FindNextFileW
0x44b074 FindFirstFileExW
0x44b078 FindClose
0x44b07c HeapReAlloc
0x44b080 ReadConsoleW
0x44b084 SetFilePointerEx
0x44b088 GetFileSizeEx
0x44b08c ReadFile
0x44b090 WideCharToMultiByte
0x44b094 RaiseException
0x44b098 EnterCriticalSection
0x44b09c LeaveCriticalSection
0x44b0a0 InitializeCriticalSectionEx
0x44b0a4 DeleteCriticalSection
0x44b0a8 EncodePointer
0x44b0ac DecodePointer
0x44b0b0 MultiByteToWideChar
0x44b0b4 LCMapStringEx
0x44b0b8 GetStringTypeW
0x44b0bc GetCPInfo
0x44b0c0 IsProcessorFeaturePresent
0x44b0c4 QueryPerformanceCounter
0x44b0c8 GetCurrentProcessId
0x44b0cc GetCurrentThreadId
0x44b0d0 GetSystemTimeAsFileTime
0x44b0d4 InitializeSListHead
0x44b0d8 IsDebuggerPresent
0x44b0dc UnhandledExceptionFilter
0x44b0e0 SetUnhandledExceptionFilter
0x44b0e4 GetStartupInfoW
0x44b0e8 GetModuleHandleW
0x44b0ec GetCurrentProcess
0x44b0f0 TerminateProcess
0x44b0f4 RtlUnwind
0x44b0f8 GetLastError
0x44b0fc SetLastError
0x44b100 InitializeCriticalSectionAndSpinCount
0x44b104 TlsAlloc
0x44b108 TlsGetValue
0x44b10c TlsSetValue
0x44b110 TlsFree
0x44b114 LoadLibraryExW
0x44b118 ExitProcess
0x44b11c GetModuleHandleExW
0x44b120 GetStdHandle
0x44b124 WriteFile
0x44b128 GetModuleFileNameW
0x44b12c HeapFree
0x44b130 HeapAlloc
0x44b134 GetFileType
0x44b138 LCMapStringW
0x44b13c GetLocaleInfoW
0x44b140 IsValidLocale
0x44b144 GetUserDefaultLCID
0x44b148 EnumSystemLocalesW
0x44b14c CloseHandle
0x44b150 FlushFileBuffers
0x44b154 GetConsoleOutputCP
0x44b158 GetConsoleMode
0x44b15c WriteConsoleW
USER32.dll
0x44b1a0 ReleaseDC
0x44b1a4 FillRect
0x44b1a8 GetDC
GDI32.dll
0x44b000 CreateCompatibleBitmap
0x44b004 TextOutW
0x44b008 MoveToEx
0x44b00c SetTextColor
0x44b010 SetROP2
0x44b014 SetBkColor
0x44b018 SelectObject
0x44b01c LineTo
0x44b020 GetCurrentPositionEx
0x44b024 DeleteObject
0x44b028 CreateSolidBrush
0x44b02c CreatePen
0x44b030 CreateFontW
ole32.dll
0x44b1b0 CoUninitialize
0x44b1b4 CoInitialize
OLEAUT32.dll
0x44b164 VariantClear
0x44b168 VariantInit
0x44b16c SafeArrayCreateVector
0x44b170 SafeArrayGetLBound
0x44b174 SafeArrayGetUBound
0x44b178 SafeArrayDestroy
0x44b17c VariantCopy
0x44b180 VariantTimeToSystemTime
0x44b184 SystemTimeToVariantTime
0x44b188 SysStringLen
0x44b18c SysFreeString
0x44b190 SysAllocStringLen
0x44b194 SysAllocString
0x44b198 SafeArrayCreate
EAT(Export Address Table) is none
KERNEL32.dll
0x44b038 SetStdHandle
0x44b03c GetProcessHeap
0x44b040 HeapSize
0x44b044 CreateFileW
0x44b048 LoadLibraryA
0x44b04c GetProcAddress
0x44b050 FreeLibrary
0x44b054 FreeEnvironmentStringsW
0x44b058 GetEnvironmentStringsW
0x44b05c GetCommandLineW
0x44b060 GetCommandLineA
0x44b064 GetOEMCP
0x44b068 GetACP
0x44b06c IsValidCodePage
0x44b070 FindNextFileW
0x44b074 FindFirstFileExW
0x44b078 FindClose
0x44b07c HeapReAlloc
0x44b080 ReadConsoleW
0x44b084 SetFilePointerEx
0x44b088 GetFileSizeEx
0x44b08c ReadFile
0x44b090 WideCharToMultiByte
0x44b094 RaiseException
0x44b098 EnterCriticalSection
0x44b09c LeaveCriticalSection
0x44b0a0 InitializeCriticalSectionEx
0x44b0a4 DeleteCriticalSection
0x44b0a8 EncodePointer
0x44b0ac DecodePointer
0x44b0b0 MultiByteToWideChar
0x44b0b4 LCMapStringEx
0x44b0b8 GetStringTypeW
0x44b0bc GetCPInfo
0x44b0c0 IsProcessorFeaturePresent
0x44b0c4 QueryPerformanceCounter
0x44b0c8 GetCurrentProcessId
0x44b0cc GetCurrentThreadId
0x44b0d0 GetSystemTimeAsFileTime
0x44b0d4 InitializeSListHead
0x44b0d8 IsDebuggerPresent
0x44b0dc UnhandledExceptionFilter
0x44b0e0 SetUnhandledExceptionFilter
0x44b0e4 GetStartupInfoW
0x44b0e8 GetModuleHandleW
0x44b0ec GetCurrentProcess
0x44b0f0 TerminateProcess
0x44b0f4 RtlUnwind
0x44b0f8 GetLastError
0x44b0fc SetLastError
0x44b100 InitializeCriticalSectionAndSpinCount
0x44b104 TlsAlloc
0x44b108 TlsGetValue
0x44b10c TlsSetValue
0x44b110 TlsFree
0x44b114 LoadLibraryExW
0x44b118 ExitProcess
0x44b11c GetModuleHandleExW
0x44b120 GetStdHandle
0x44b124 WriteFile
0x44b128 GetModuleFileNameW
0x44b12c HeapFree
0x44b130 HeapAlloc
0x44b134 GetFileType
0x44b138 LCMapStringW
0x44b13c GetLocaleInfoW
0x44b140 IsValidLocale
0x44b144 GetUserDefaultLCID
0x44b148 EnumSystemLocalesW
0x44b14c CloseHandle
0x44b150 FlushFileBuffers
0x44b154 GetConsoleOutputCP
0x44b158 GetConsoleMode
0x44b15c WriteConsoleW
USER32.dll
0x44b1a0 ReleaseDC
0x44b1a4 FillRect
0x44b1a8 GetDC
GDI32.dll
0x44b000 CreateCompatibleBitmap
0x44b004 TextOutW
0x44b008 MoveToEx
0x44b00c SetTextColor
0x44b010 SetROP2
0x44b014 SetBkColor
0x44b018 SelectObject
0x44b01c LineTo
0x44b020 GetCurrentPositionEx
0x44b024 DeleteObject
0x44b028 CreateSolidBrush
0x44b02c CreatePen
0x44b030 CreateFontW
ole32.dll
0x44b1b0 CoUninitialize
0x44b1b4 CoInitialize
OLEAUT32.dll
0x44b164 VariantClear
0x44b168 VariantInit
0x44b16c SafeArrayCreateVector
0x44b170 SafeArrayGetLBound
0x44b174 SafeArrayGetUBound
0x44b178 SafeArrayDestroy
0x44b17c VariantCopy
0x44b180 VariantTimeToSystemTime
0x44b184 SystemTimeToVariantTime
0x44b188 SysStringLen
0x44b18c SysFreeString
0x44b190 SysAllocStringLen
0x44b194 SysAllocString
0x44b198 SafeArrayCreate
EAT(Export Address Table) is none