C:\vmagent_new\bin\joblist\617257\out\Release\MultiMediaOpt.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 6234ee603e913259b81db21f73ab91ed8344e294f34bdfca4ece19cb67332e9c.exe
Resource: win7-20240221-en
General
Target: 6234ee603e913259b81db21f73ab91ed8344e294f34bdfca4ece19cb67332e9c
Size: 767KB
MD5: 916dd306d5b551070a73339e870f3642
SHA1: 935832a602ddc2f8688d9bce1b2ef86b6d72b487
SHA256: 6234ee603e913259b81db21f73ab91ed8344e294f34bdfca4ece19cb67332e9c
SHA512: 04ee1ec57c7fda5f0d51ef53e5d721f9edfef4d0d139e64eca314eaaf24756c403103d28831fdb9246040ac34347a6582165c53fe776602a9d7a161e5863ba0d
SSDEEP: 12288:E1V4L4PCtGDtlLJgsGoT6gYAMkZ6XlwAcMs+50tgAakT7hs5fDDbbjmh8Q0u8sZD:E1VUQDtlLJg3or6XKAsCI8T92
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 6234ee603e913259b81db21f73ab91ed8344e294f34bdfca4ece19cb67332e9c
Files
6234ee603e913259b81db21f73ab91ed8344e294f34bdfca4ece19cb67332e9c.exe windows:5 windows x86 arch:x86
087cdb429a7615d6fc3179efa6e97910
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetDriveTypeW
GetDiskFreeSpaceExW
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetVersion
CreateEventW
WaitForSingleObject
SetEvent
WaitForMultipleObjects
LoadLibraryW
CreateFileA
ReadFile
DeleteFileW
GetCurrentThreadId
GetCurrentProcessId
WriteFile
GetCommandLineW
SetLastError
ResetEvent
RaiseException
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
ExitProcess
CreateMutexW
MulDiv
DecodePointer
GetTempFileNameW
FindClose
InterlockedExchange
WritePrivateProfileStringW
DeviceIoControl
InitializeCriticalSection
GetPrivateProfileStringW
HeapDestroy
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetSystemDirectoryW
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
InterlockedCompareExchange
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
HeapFree
GetFileType
GetACP
GetStdHandle
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
GetModuleHandleExW
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LocalFree
ReleaseMutex
OpenThread
HeapWalk
HeapUnlock
HeapLock
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
SystemTimeToFileTime
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
GetLogicalDriveStringsW
GetLongPathNameW
GetTempPathW
GetLongPathNameA
GetTempPathA
GetFileAttributesA
GetFileAttributesW
FindNextFileW
FindFirstFileW
CloseHandle
GetFileSizeEx
CreateFileW
FindResourceExW
GetProcessHeap
HeapAlloc
WideCharToMultiByte
Sleep
HeapReAlloc
GetVersionExW
GetSystemWindowsDirectoryW
GetModuleHandleW
GetCurrentProcess
LoadLibraryExW
FindResourceW
SizeofResource
LoadResource
LockResource
FreeResource
EnterCriticalSection
GetProcAddress
FreeLibrary
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
EncodePointer
GetStringTypeW
GetDateFormatW
HeapSize
LeaveCriticalSection
GetModuleFileNameW
MultiByteToWideChar
GetConsoleMode
user32
GetWindowTextW
GetWindowRect
DrawTextW
SetCursor
GetParent
GetClientRect
EndPaint
BeginPaint
InvalidateRect
MessageBoxW
GetActiveWindow
ScreenToClient
SendMessageW
GetWindowTextLengthW
wsprintfW
FindWindowExW
PostMessageW
LoadCursorW
IntersectRect
RegisterClassW
GetClassInfoW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageTimeoutW
FindWindowW
CharNextW
EndDialog
ReleaseDC
GetDC
CreateWindowExW
CreateDialogParamW
GetClassInfoExW
RegisterClassExW
DestroyWindow
DialogBoxParamW
IsIconic
UpdateWindow
MoveWindow
EnableWindow
IsDialogMessageW
IsWindowVisible
PostQuitMessage
GetSystemMetrics
SetWindowTextW
LoadImageW
UnregisterClassW
CallWindowProcW
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetDlgItem
SetWindowPos
ShowWindow
IsWindow
SetWindowLongW
GetWindowLongW
DefWindowProcW
gdi32
SetStretchBltMode
GetObjectW
CreateCompatibleDC
CreateDIBSection
ExtTextOutW
SetBkColor
GetDeviceCaps
GetTextExtentPointW
DeleteObject
SelectObject
SetTextColor
DeleteDC
CreateFontW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteValueW
RegSetValueExW
shell32
ord165
ShellExecuteW
SHGetPathFromIDListW
DragQueryFileW
SHBrowseForFolderW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ole32
CoTaskMemFree
CoTaskMemRealloc
CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
CoTaskMemAlloc
oleaut32
VarUI4FromStr
SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VariantInit
VariantClear
version
VerQueryValueW
shlwapi
PathCombineW
PathFileExistsW
PathFindExtensionW
SHGetValueW
PathIsRelativeW
PathFindFileNameW
PathCanonicalizeW
PathRemoveFileSpecW
PathAppendW
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdiplusShutdown
GdiplusStartup
Sections
.text Size: 443KB - Virtual size: 442KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 14KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 86KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE