ScreenShot
| Created | 2025.03.24 09:52 | Machine | s1_win7_x6403 |
| Filename | Build104.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | |||
| VT API (file) | 55 detected (Common, Strab, Malicious, score, Zusy, Unsafe, confidence, 100%, GenusT, EPRR, high confidence, ETWC, PWSX, kvzmay, 0XapLWekQUP, Kryptik, muijy, Siggen30, GenKryptik, AMADEY, YXFCSZ, Detected, GrayWare, Wacapew, Sabsik, Multiverze, ABTrojan, QBXQ, R697000, Artemis, BScope, TrojanPSW, Rhadamanthys, Krypt, Chgt, Gencirc, susgen, HGUG) | ||
| md5 | d93c9f26b0d69dd22cdbc76e3cfea0e5 | ||
| sha256 | e57f307bee3c0b72d9f62f09567ed298041171828fa2993bff97cd1a5780b488 | ||
| ssdeep | 12288:Q5p1UZ32H10rH5ZVZEsh8ZskmY5a4JNXuOwhDx/K:Q5pOZGHOrH5RLG64JNXQ1h | ||
| imphash | 81dd082c3ea735ad5ba4cf627001ae92 | ||
| impfuzzy | 48:rBbXngS1jtd5c+pppA8tEUEkEQ6UyESeIRJXUSezSpJiAACXECwtyKj6U0AkSvls:pngS1jtd5c+ppzbeOHub | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 55 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x479014 SetEndOfFile
0x479018 HeapSize
0x47901c CreateFileW
0x479020 DecodePointer
0x479024 SetFilePointerEx
0x479028 GetFileSizeEx
0x47902c GetConsoleOutputCP
0x479030 FlushFileBuffers
0x479034 GetProcessHeap
0x479038 GetStringTypeW
0x47903c SetStdHandle
0x479040 FreeEnvironmentStringsW
0x479044 GetEnvironmentStringsW
0x479048 WideCharToMultiByte
0x47904c MultiByteToWideChar
0x479050 GetCommandLineW
0x479054 GetCommandLineA
0x479058 GetCPInfo
0x47905c GetOEMCP
0x479060 GetACP
0x479064 MapViewOfFile
0x479068 FindNextFileW
0x47906c FindFirstFileExW
0x479070 FindClose
0x479074 ReadConsoleW
0x479078 GetConsoleMode
0x47907c ReadFile
0x479080 HeapReAlloc
0x479084 GetFileType
0x479088 LCMapStringW
0x47908c HeapAlloc
0x479090 HeapFree
0x479094 GetModuleHandleExW
0x479098 ExitProcess
0x47909c GetModuleFileNameW
0x4790a0 CreateFileMappingW
0x4790a4 CreateEventW
0x4790a8 WaitForSingleObject
0x4790ac IsValidCodePage
0x4790b0 CloseHandle
0x4790b4 WriteFile
0x4790b8 GetStdHandle
0x4790bc RaiseException
0x4790c0 EncodePointer
0x4790c4 LoadLibraryExW
0x4790c8 IsProcessorFeaturePresent
0x4790cc QueryPerformanceCounter
0x4790d0 GetCurrentProcessId
0x4790d4 GetCurrentThreadId
0x4790d8 GetSystemTimeAsFileTime
0x4790dc InitializeSListHead
0x4790e0 IsDebuggerPresent
0x4790e4 UnhandledExceptionFilter
0x4790e8 SetUnhandledExceptionFilter
0x4790ec GetStartupInfoW
0x4790f0 GetModuleHandleW
0x4790f4 GetCurrentProcess
0x4790f8 TerminateProcess
0x4790fc RtlUnwind
0x479100 GetLastError
0x479104 SetLastError
0x479108 EnterCriticalSection
0x47910c LeaveCriticalSection
0x479110 DeleteCriticalSection
0x479114 InitializeCriticalSectionAndSpinCount
0x479118 TlsAlloc
0x47911c TlsGetValue
0x479120 TlsSetValue
0x479124 TlsFree
0x479128 FreeLibrary
0x47912c GetProcAddress
0x479130 WriteConsoleW
USER32.dll
0x479160 GetWindowLongA
0x479164 GetWindowTextLengthW
0x479168 GetWindowTextW
0x47916c EnableWindow
0x479170 InvalidateRect
0x479174 DialogBoxParamW
0x479178 GetWindowTextLengthA
0x47917c CheckDlgButton
0x479180 KillTimer
0x479184 GetDlgItem
0x479188 MapDialogRect
0x47918c CharUpperA
0x479190 LoadIconA
0x479194 SetCursor
0x479198 CharUpperW
0x47919c SetDlgItemTextA
0x4791a0 IsDlgButtonChecked
0x4791a4 MoveWindow
0x4791a8 IsWindowEnabled
0x4791ac SetWindowTextA
0x4791b0 SendMessageA
0x4791b4 GetWindowTextA
0x4791b8 SetWindowLongA
0x4791bc SetTimer
0x4791c0 ShowWindow
0x4791c4 LoadStringW
0x4791c8 DialogBoxParamA
0x4791cc SetWindowTextW
0x4791d0 EndDialog
0x4791d4 SendMessageW
0x4791d8 ScreenToClient
0x4791dc PostMessageA
0x4791e0 CharPrevA
0x4791e4 LoadStringA
0x4791e8 MessageBoxW
0x4791ec LoadCursorA
0x4791f0 GetWindowRect
ole32.dll
0x4791f8 CoUninitialize
0x4791fc CoInitialize
OLEAUT32.dll
0x479138 SysStringByteLen
0x47913c SysAllocString
0x479140 VariantCopy
0x479144 VariantClear
COMCTL32.dll
0x479000 None
COMDLG32.dll
0x479008 GetOpenFileNameW
0x47900c GetOpenFileNameA
SHELL32.dll
0x47914c SHGetPathFromIDListA
0x479150 SHBrowseForFolderA
0x479154 SHGetFileInfoA
0x479158 SHGetMalloc
EAT(Export Address Table) is none
KERNEL32.dll
0x479014 SetEndOfFile
0x479018 HeapSize
0x47901c CreateFileW
0x479020 DecodePointer
0x479024 SetFilePointerEx
0x479028 GetFileSizeEx
0x47902c GetConsoleOutputCP
0x479030 FlushFileBuffers
0x479034 GetProcessHeap
0x479038 GetStringTypeW
0x47903c SetStdHandle
0x479040 FreeEnvironmentStringsW
0x479044 GetEnvironmentStringsW
0x479048 WideCharToMultiByte
0x47904c MultiByteToWideChar
0x479050 GetCommandLineW
0x479054 GetCommandLineA
0x479058 GetCPInfo
0x47905c GetOEMCP
0x479060 GetACP
0x479064 MapViewOfFile
0x479068 FindNextFileW
0x47906c FindFirstFileExW
0x479070 FindClose
0x479074 ReadConsoleW
0x479078 GetConsoleMode
0x47907c ReadFile
0x479080 HeapReAlloc
0x479084 GetFileType
0x479088 LCMapStringW
0x47908c HeapAlloc
0x479090 HeapFree
0x479094 GetModuleHandleExW
0x479098 ExitProcess
0x47909c GetModuleFileNameW
0x4790a0 CreateFileMappingW
0x4790a4 CreateEventW
0x4790a8 WaitForSingleObject
0x4790ac IsValidCodePage
0x4790b0 CloseHandle
0x4790b4 WriteFile
0x4790b8 GetStdHandle
0x4790bc RaiseException
0x4790c0 EncodePointer
0x4790c4 LoadLibraryExW
0x4790c8 IsProcessorFeaturePresent
0x4790cc QueryPerformanceCounter
0x4790d0 GetCurrentProcessId
0x4790d4 GetCurrentThreadId
0x4790d8 GetSystemTimeAsFileTime
0x4790dc InitializeSListHead
0x4790e0 IsDebuggerPresent
0x4790e4 UnhandledExceptionFilter
0x4790e8 SetUnhandledExceptionFilter
0x4790ec GetStartupInfoW
0x4790f0 GetModuleHandleW
0x4790f4 GetCurrentProcess
0x4790f8 TerminateProcess
0x4790fc RtlUnwind
0x479100 GetLastError
0x479104 SetLastError
0x479108 EnterCriticalSection
0x47910c LeaveCriticalSection
0x479110 DeleteCriticalSection
0x479114 InitializeCriticalSectionAndSpinCount
0x479118 TlsAlloc
0x47911c TlsGetValue
0x479120 TlsSetValue
0x479124 TlsFree
0x479128 FreeLibrary
0x47912c GetProcAddress
0x479130 WriteConsoleW
USER32.dll
0x479160 GetWindowLongA
0x479164 GetWindowTextLengthW
0x479168 GetWindowTextW
0x47916c EnableWindow
0x479170 InvalidateRect
0x479174 DialogBoxParamW
0x479178 GetWindowTextLengthA
0x47917c CheckDlgButton
0x479180 KillTimer
0x479184 GetDlgItem
0x479188 MapDialogRect
0x47918c CharUpperA
0x479190 LoadIconA
0x479194 SetCursor
0x479198 CharUpperW
0x47919c SetDlgItemTextA
0x4791a0 IsDlgButtonChecked
0x4791a4 MoveWindow
0x4791a8 IsWindowEnabled
0x4791ac SetWindowTextA
0x4791b0 SendMessageA
0x4791b4 GetWindowTextA
0x4791b8 SetWindowLongA
0x4791bc SetTimer
0x4791c0 ShowWindow
0x4791c4 LoadStringW
0x4791c8 DialogBoxParamA
0x4791cc SetWindowTextW
0x4791d0 EndDialog
0x4791d4 SendMessageW
0x4791d8 ScreenToClient
0x4791dc PostMessageA
0x4791e0 CharPrevA
0x4791e4 LoadStringA
0x4791e8 MessageBoxW
0x4791ec LoadCursorA
0x4791f0 GetWindowRect
ole32.dll
0x4791f8 CoUninitialize
0x4791fc CoInitialize
OLEAUT32.dll
0x479138 SysStringByteLen
0x47913c SysAllocString
0x479140 VariantCopy
0x479144 VariantClear
COMCTL32.dll
0x479000 None
COMDLG32.dll
0x479008 GetOpenFileNameW
0x47900c GetOpenFileNameA
SHELL32.dll
0x47914c SHGetPathFromIDListA
0x479150 SHBrowseForFolderA
0x479154 SHGetFileInfoA
0x479158 SHGetMalloc
EAT(Export Address Table) is none