ScreenShot
| Created | 2021.03.29 14:06 | Machine | s1_win7_x3201 |
| Filename | musteri.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 20 detected (CLOUD, ~d08@1okg8n, Artemis, bbjxs, ai score=96, Unsafe, zFOcTwFV3RI) | ||
| md5 | c64253856d7af67fb3a75fe2cfcffd09 | ||
| sha256 | 246fd88c63c5e215204c074607ad0f6108bbc213bf39d7398db892c6149fe986 | ||
| ssdeep | 393216:3jn+LvhwQv1G05yIsrhYq6pWt8sF7FGwGoQ4Kbqr3GB6kuLI8RrwtaWy2tgO3ktb:zYhwK2YrpCOohKWL+gRs9y2tr4cO | ||
| imphash | 1f4f257947c1b713ca7f9bc25f914039 | ||
| impfuzzy | 48:dfOaOcpwhcvk22IxxQSv6pfn56UyLlotn6gxSY4jSHk//KA09+vXXUh+jqQUcQjo:dfZjwh6YIjACJUGvqUtLruKD3D | ||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 20 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| info | This executable has a PDB path |
Rules (10cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | HasDebugData | DebugData Check | binaries (upload) |
| info | HasOverlay | Overlay Check | binaries (upload) |
| info | HasRichSignature | Rich Signature Check | binaries (upload) |
| info | IsPacked | Entropy Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | screenshot | Take screenshot | binaries (upload) |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_registry | Affect system registries | binaries (upload) |
PE API
IAT(Import Address Table) Library
COMCTL32.dll
0x40f018 InitCommonControlsEx
SHLWAPI.dll
0x40f198 SHAutoComplete
KERNEL32.dll
0x40f044 GetFileAttributesA
0x40f048 GetFileAttributesW
0x40f04c SetFileAttributesA
0x40f050 SetFileAttributesW
0x40f054 MoveFileW
0x40f058 DeleteFileW
0x40f05c DeleteFileA
0x40f060 CreateDirectoryA
0x40f064 CreateDirectoryW
0x40f068 FindClose
0x40f06c FindNextFileA
0x40f070 FindFirstFileA
0x40f074 FindNextFileW
0x40f078 FindFirstFileW
0x40f07c GetVersionExW
0x40f080 GetFullPathNameA
0x40f084 GetFullPathNameW
0x40f088 MultiByteToWideChar
0x40f08c GetModuleFileNameW
0x40f090 FindResourceW
0x40f094 GetModuleHandleW
0x40f098 HeapAlloc
0x40f09c GetProcessHeap
0x40f0a0 HeapFree
0x40f0a4 HeapReAlloc
0x40f0a8 CompareStringA
0x40f0ac ExitProcess
0x40f0b0 GetTickCount
0x40f0b4 WriteFile
0x40f0b8 GetProcAddress
0x40f0bc LoadLibraryW
0x40f0c0 GetCurrentProcessId
0x40f0c4 GetLocaleInfoW
0x40f0c8 GetNumberFormatW
0x40f0cc GetDateFormatW
0x40f0d0 GetTimeFormatW
0x40f0d4 FileTimeToSystemTime
0x40f0d8 FileTimeToLocalFileTime
0x40f0dc ExpandEnvironmentStringsW
0x40f0e0 WaitForSingleObject
0x40f0e4 Sleep
0x40f0e8 GetExitCodeProcess
0x40f0ec GetTempPathW
0x40f0f0 MoveFileExW
0x40f0f4 UnmapViewOfFile
0x40f0f8 MapViewOfFile
0x40f0fc GetCommandLineW
0x40f100 CreateFileMappingW
0x40f104 SetEnvironmentVariableW
0x40f108 OpenFileMappingW
0x40f10c SystemTimeToFileTime
0x40f110 WideCharToMultiByte
0x40f114 CompareStringW
0x40f118 IsDBCSLeadByte
0x40f11c GetCPInfo
0x40f120 GlobalAlloc
0x40f124 SetCurrentDirectoryW
0x40f128 SetFileTime
0x40f12c GetStdHandle
0x40f130 ReadFile
0x40f134 CreateFileW
0x40f138 CreateFileA
0x40f13c GetCurrentDirectoryW
0x40f140 GetFileType
0x40f144 SetEndOfFile
0x40f148 SetFilePointer
0x40f14c FlushFileBuffers
0x40f150 CloseHandle
0x40f154 DosDateTimeToFileTime
0x40f158 LocalFileTimeToFileTime
0x40f15c SetLastError
0x40f160 GetLastError
0x40f164 FreeLibrary
USER32.dll
0x40f1a0 EndDialog
0x40f1a4 DestroyIcon
0x40f1a8 SendDlgItemMessageW
0x40f1ac GetDlgItemTextW
0x40f1b0 GetClassNameW
0x40f1b4 DialogBoxParamW
0x40f1b8 IsWindowVisible
0x40f1bc WaitForInputIdle
0x40f1c0 SetForegroundWindow
0x40f1c4 GetSysColor
0x40f1c8 PostMessageW
0x40f1cc LoadBitmapW
0x40f1d0 LoadIconW
0x40f1d4 CharToOemA
0x40f1d8 OemToCharA
0x40f1dc IsWindow
0x40f1e0 CopyRect
0x40f1e4 DestroyWindow
0x40f1e8 DefWindowProcW
0x40f1ec RegisterClassExW
0x40f1f0 LoadCursorW
0x40f1f4 SetFocus
0x40f1f8 CreateWindowExW
0x40f1fc MapWindowPoints
0x40f200 GetParent
0x40f204 FindWindowExW
0x40f208 OemToCharBuffA
0x40f20c CharUpperA
0x40f210 CharToOemBuffA
0x40f214 LoadStringW
0x40f218 GetWindowRect
0x40f21c GetClientRect
0x40f220 SetWindowPos
0x40f224 GetWindowTextW
0x40f228 SetWindowTextW
0x40f22c GetSystemMetrics
0x40f230 GetWindow
0x40f234 GetWindowLongW
0x40f238 CharUpperW
0x40f23c MessageBoxW
0x40f240 ShowWindow
0x40f244 GetDlgItem
0x40f248 EnableWindow
0x40f24c SetDlgItemTextW
0x40f250 SendMessageW
0x40f254 GetDC
0x40f258 ReleaseDC
0x40f25c PeekMessageW
0x40f260 GetMessageW
0x40f264 TranslateMessage
0x40f268 DispatchMessageW
0x40f26c wvsprintfW
0x40f270 UpdateWindow
0x40f274 wvsprintfA
0x40f278 SetWindowLongW
GDI32.dll
0x40f020 CreateCompatibleDC
0x40f024 DeleteObject
0x40f028 GetDeviceCaps
0x40f02c GetObjectW
0x40f030 CreateCompatibleBitmap
0x40f034 SelectObject
0x40f038 StretchBlt
0x40f03c DeleteDC
ADVAPI32.dll
0x40f000 RegCloseKey
0x40f004 RegQueryValueExW
0x40f008 RegCreateKeyExW
0x40f00c RegSetValueExW
0x40f010 RegOpenKeyExW
SHELL32.dll
0x40f174 SHChangeNotify
0x40f178 ShellExecuteExW
0x40f17c SHFileOperationW
0x40f180 SHGetFileInfoW
0x40f184 SHGetSpecialFolderLocation
0x40f188 SHGetMalloc
0x40f18c SHBrowseForFolderW
0x40f190 SHGetPathFromIDListW
ole32.dll
0x40f280 CLSIDFromString
0x40f284 CreateStreamOnHGlobal
0x40f288 OleUninitialize
0x40f28c CoCreateInstance
0x40f290 OleInitialize
OLEAUT32.dll
0x40f16c VariantInit
EAT(Export Address Table) Library
COMCTL32.dll
0x40f018 InitCommonControlsEx
SHLWAPI.dll
0x40f198 SHAutoComplete
KERNEL32.dll
0x40f044 GetFileAttributesA
0x40f048 GetFileAttributesW
0x40f04c SetFileAttributesA
0x40f050 SetFileAttributesW
0x40f054 MoveFileW
0x40f058 DeleteFileW
0x40f05c DeleteFileA
0x40f060 CreateDirectoryA
0x40f064 CreateDirectoryW
0x40f068 FindClose
0x40f06c FindNextFileA
0x40f070 FindFirstFileA
0x40f074 FindNextFileW
0x40f078 FindFirstFileW
0x40f07c GetVersionExW
0x40f080 GetFullPathNameA
0x40f084 GetFullPathNameW
0x40f088 MultiByteToWideChar
0x40f08c GetModuleFileNameW
0x40f090 FindResourceW
0x40f094 GetModuleHandleW
0x40f098 HeapAlloc
0x40f09c GetProcessHeap
0x40f0a0 HeapFree
0x40f0a4 HeapReAlloc
0x40f0a8 CompareStringA
0x40f0ac ExitProcess
0x40f0b0 GetTickCount
0x40f0b4 WriteFile
0x40f0b8 GetProcAddress
0x40f0bc LoadLibraryW
0x40f0c0 GetCurrentProcessId
0x40f0c4 GetLocaleInfoW
0x40f0c8 GetNumberFormatW
0x40f0cc GetDateFormatW
0x40f0d0 GetTimeFormatW
0x40f0d4 FileTimeToSystemTime
0x40f0d8 FileTimeToLocalFileTime
0x40f0dc ExpandEnvironmentStringsW
0x40f0e0 WaitForSingleObject
0x40f0e4 Sleep
0x40f0e8 GetExitCodeProcess
0x40f0ec GetTempPathW
0x40f0f0 MoveFileExW
0x40f0f4 UnmapViewOfFile
0x40f0f8 MapViewOfFile
0x40f0fc GetCommandLineW
0x40f100 CreateFileMappingW
0x40f104 SetEnvironmentVariableW
0x40f108 OpenFileMappingW
0x40f10c SystemTimeToFileTime
0x40f110 WideCharToMultiByte
0x40f114 CompareStringW
0x40f118 IsDBCSLeadByte
0x40f11c GetCPInfo
0x40f120 GlobalAlloc
0x40f124 SetCurrentDirectoryW
0x40f128 SetFileTime
0x40f12c GetStdHandle
0x40f130 ReadFile
0x40f134 CreateFileW
0x40f138 CreateFileA
0x40f13c GetCurrentDirectoryW
0x40f140 GetFileType
0x40f144 SetEndOfFile
0x40f148 SetFilePointer
0x40f14c FlushFileBuffers
0x40f150 CloseHandle
0x40f154 DosDateTimeToFileTime
0x40f158 LocalFileTimeToFileTime
0x40f15c SetLastError
0x40f160 GetLastError
0x40f164 FreeLibrary
USER32.dll
0x40f1a0 EndDialog
0x40f1a4 DestroyIcon
0x40f1a8 SendDlgItemMessageW
0x40f1ac GetDlgItemTextW
0x40f1b0 GetClassNameW
0x40f1b4 DialogBoxParamW
0x40f1b8 IsWindowVisible
0x40f1bc WaitForInputIdle
0x40f1c0 SetForegroundWindow
0x40f1c4 GetSysColor
0x40f1c8 PostMessageW
0x40f1cc LoadBitmapW
0x40f1d0 LoadIconW
0x40f1d4 CharToOemA
0x40f1d8 OemToCharA
0x40f1dc IsWindow
0x40f1e0 CopyRect
0x40f1e4 DestroyWindow
0x40f1e8 DefWindowProcW
0x40f1ec RegisterClassExW
0x40f1f0 LoadCursorW
0x40f1f4 SetFocus
0x40f1f8 CreateWindowExW
0x40f1fc MapWindowPoints
0x40f200 GetParent
0x40f204 FindWindowExW
0x40f208 OemToCharBuffA
0x40f20c CharUpperA
0x40f210 CharToOemBuffA
0x40f214 LoadStringW
0x40f218 GetWindowRect
0x40f21c GetClientRect
0x40f220 SetWindowPos
0x40f224 GetWindowTextW
0x40f228 SetWindowTextW
0x40f22c GetSystemMetrics
0x40f230 GetWindow
0x40f234 GetWindowLongW
0x40f238 CharUpperW
0x40f23c MessageBoxW
0x40f240 ShowWindow
0x40f244 GetDlgItem
0x40f248 EnableWindow
0x40f24c SetDlgItemTextW
0x40f250 SendMessageW
0x40f254 GetDC
0x40f258 ReleaseDC
0x40f25c PeekMessageW
0x40f260 GetMessageW
0x40f264 TranslateMessage
0x40f268 DispatchMessageW
0x40f26c wvsprintfW
0x40f270 UpdateWindow
0x40f274 wvsprintfA
0x40f278 SetWindowLongW
GDI32.dll
0x40f020 CreateCompatibleDC
0x40f024 DeleteObject
0x40f028 GetDeviceCaps
0x40f02c GetObjectW
0x40f030 CreateCompatibleBitmap
0x40f034 SelectObject
0x40f038 StretchBlt
0x40f03c DeleteDC
ADVAPI32.dll
0x40f000 RegCloseKey
0x40f004 RegQueryValueExW
0x40f008 RegCreateKeyExW
0x40f00c RegSetValueExW
0x40f010 RegOpenKeyExW
SHELL32.dll
0x40f174 SHChangeNotify
0x40f178 ShellExecuteExW
0x40f17c SHFileOperationW
0x40f180 SHGetFileInfoW
0x40f184 SHGetSpecialFolderLocation
0x40f188 SHGetMalloc
0x40f18c SHBrowseForFolderW
0x40f190 SHGetPathFromIDListW
ole32.dll
0x40f280 CLSIDFromString
0x40f284 CreateStreamOnHGlobal
0x40f288 OleUninitialize
0x40f28c CoCreateInstance
0x40f290 OleInitialize
OLEAUT32.dll
0x40f16c VariantInit
EAT(Export Address Table) Library