c:\vmagent_new\bin\joblist\343384\out\Release\360FeedBack.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5f6116c965b705b5f7d494ad2a29aee257d43d84b2e54f01b7c0fa396247ad71.exe
Resource
win7-20240221-en
General
-
Target
5f6116c965b705b5f7d494ad2a29aee257d43d84b2e54f01b7c0fa396247ad71
-
Size
581KB
-
MD5
890ee095bafeae81bea4a849c7fe6120
-
SHA1
766ad909465a41c0250254165fcac000b771bec8
-
SHA256
5f6116c965b705b5f7d494ad2a29aee257d43d84b2e54f01b7c0fa396247ad71
-
SHA512
71408cc0b7d529060bf6b4bb78393ac09a9d6189b1bffe3ead02b26a1b3885bff6be6830ba3808413aa49386a2a89ce20fe56d738ceb823262504517011a7609
-
SSDEEP
12288:a6NdBtHGPw3IagYt7nisx7JaTV7wGToO6FBCCTtOLyw:o4Y9YFnLx7UTV7hoO6FBC4w
Malware Config
Signatures
-
Unsigned PE 1 IoCs
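Checks for a missing Authenticode signature. The sample carries none, so its publisher and integrity cannot be confirmed from a signature. On its own this is a weak indicator and does not establish that the file is malicious.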
Processes:
resource 5f6116c965b705b5f7d494ad2a29aee257d43d84b2e54f01b7c0fa396247ad71
Files
-
5f6116c965b705b5f7d494ad2a29aee257d43d84b2e54f01b7c0fa396247ad71.exe windows:5 windows x86 arch:x86
96752a11d156420a9eca62ccca55d9e0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetSystemInfo
GetModuleHandleA
SetFilePointer
ReadFile
GetStartupInfoW
CopyFileW
lstrcpynW
GetTickCount
WaitForSingleObject
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
HeapSize
GetStdHandle
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
ExitProcess
Sleep
RtlUnwind
TlsFree
TlsAlloc
ReleaseMutex
HeapWalk
HeapLock
OpenThread
HeapUnlock
TlsSetValue
OutputDebugStringW
TlsGetValue
GetFileSizeEx
WriteFile
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExW
GetFileAttributesW
LocalFree
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
MulDiv
GetCommandLineW
GetTempPathW
GetTempFileNameW
DeleteFileW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FindNextFileW
FindFirstFileW
FindClose
lstrlenA
SetLastError
lstrcmpiW
CreateProcessW
GetCurrentThreadId
CreateMutexW
GetLastError
LoadLibraryW
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
RaiseException
WideCharToMultiByte
InterlockedExchange
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
LoadLibraryExW
GetCurrentProcessId
CreateFileW
DeviceIoControl
CloseHandle
GetModuleFileNameA
user32
IsRectEmpty
ReleaseCapture
TrackMouseEvent
InflateRect
GetClassInfoW
RegisterClassW
LoadStringW
ShowWindow
PostMessageW
UnregisterClassA
SetWindowLongW
GetCursorPos
SetCapture
SetRect
FillRect
SetForegroundWindow
IsIconic
FindWindowW
CharLowerW
GetSystemMetrics
LoadImageW
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CharNextW
DestroyWindow
MessageBoxW
GetActiveWindow
CreateDialogParamW
DefWindowProcW
IsDialogMessageW
GetKeyState
SetActiveWindow
DialogBoxParamW
RegisterClassExW
EnableMenuItem
GetSubMenu
LoadMenuW
LoadCursorW
GetClassInfoExW
HideCaret
ClientToScreen
SetWindowTextW
GetWindow
MonitorFromWindow
GetMonitorInfoW
EndDialog
GetFocus
EnableWindow
GetWindowTextW
FindWindowExW
SetDlgItemTextW
SetFocus
MoveWindow
ScreenToClient
MapWindowPoints
GetDlgItem
IsWindowVisible
InvalidateRect
GetWindowRect
SetWindowPos
SetWindowRgn
KillTimer
SetTimer
SetLayeredWindowAttributes
CallWindowProcW
GetWindowLongW
EndPaint
BeginPaint
GetDC
ReleaseDC
PtInRect
IsWindow
DrawTextW
OffsetRect
GetParent
RedrawWindow
GetClientRect
CreateWindowExW
SendMessageW
gdi32
DeleteObject
CreateCompatibleBitmap
CreateRectRgn
CreateCompatibleDC
SetBkColor
ExtTextOutW
Rectangle
SetBkMode
EnumFontFamiliesW
CreateSolidBrush
SaveDC
RestoreDC
DeleteDC
CreateFontW
CreatePen
BitBlt
SetTextColor
CombineRgn
SelectObject
CreatePolygonRgn
GetStockObject
SetViewportOrgEx
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExA
shell32
SHCreateDirectoryExW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathA
ShellExecuteW
ole32
CoTaskMemAlloc
CoInitialize
OleInitialize
CoUninitialize
OleUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
oleaut32
SysStringLen
SysFreeString
VariantChangeType
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
SysAllocString
shlwapi
PathAppendA
PathCanonicalizeW
PathFindFileNameW
StrCmpW
StrCmpIW
PathCombineA
SHGetValueA
PathFileExistsA
SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathCombineW
PathIsRelativeW
PathFileExistsW
comctl32
_TrackMouseEvent
InitCommonControlsEx
Sections
.text Size: 294KB - Virtual size: 294KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 15KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
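.reloc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .text and .reloc are both writable and executable, and the file header sets IMAGE_FILE_RELOCS_STRIPPED although a 96KB .reloc section is present. These combinations are atypical for standard linker output and are worth checking for packing or post-build modification of the binary; this report alone does not establish the cause.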