popup

Report - 30ba7ce5-3e7a-4179-9c1e-25d668dace19

Malicious Library UPX PE File MZP Format PE32 OS Processor Check
  1. Resubmit analysis
  2. Detailed report
ScreenShot
Created 2025.05.04 13:26 Machine s1_win7_x6403
Filename 30ba7ce5-3e7a-4179-9c1e-25d668dace19
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score
8
 Behavior Score
2.4
ZERO API file : malware
VT API (file) 55 detected (AIDetectMalware, Tepfer, Malicious, score, Trojanpws, GenericKD, Unsafe, Save, confidence, 100%, DelphGen, high confidence, ETWP, MalwareX, nCWPDbI6IyV, Delphi, aatwa, DownLoader48, AMADEY, YXFDLZ, Static AI, Suspicious PE, Detected, Malware@#5obtuqzlfa5y, Masslogger, ABTrojan, FJUK, R703461, Artemis, TScope, Delf, Yobdam, GdSda, Gencirc, susgen, PossibleThreat)
md5 c8f0ae8cf541f2e6cbfbbb796c0c2723
sha256 59368bb13783aed758f1df32a0a2db2015333a307ffa9ec188d9f88f7029170b
ssdeep 98304:IEArx7nlDK1Q4HYaPf8rX2u3JonZjQOV:IvV7mQsS2
imphash f83a50a90858634671352f1591435a58
impfuzzy 192:f3UzG1Q7buuArSUvK9aqooqEopCPbOQPb:f311CAA9okPbOQT
  Network IP location

Signature (6cnts)

Level Description
danger File has been identified by 55 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
info One or more processes crashed
info Queries for the computername
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The executable uses a known packer

Rules (6cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info mzp_file_format MZP(Delphi) file format binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?

Suricata ids

PE API

IAT(Import Address Table) Library

kernel32.dll
 0x47b140 DeleteCriticalSection
 0x47b144 LeaveCriticalSection
 0x47b148 EnterCriticalSection
 0x47b14c InitializeCriticalSection
 0x47b150 VirtualFree
 0x47b154 VirtualAlloc
 0x47b158 LocalFree
 0x47b15c LocalAlloc
 0x47b160 GetVersion
 0x47b164 GetCurrentThreadId
 0x47b168 InterlockedDecrement
 0x47b16c InterlockedIncrement
 0x47b170 VirtualQuery
 0x47b174 WideCharToMultiByte
 0x47b178 MultiByteToWideChar
 0x47b17c lstrlenA
 0x47b180 lstrcpynA
 0x47b184 LoadLibraryExA
 0x47b188 GetThreadLocale
 0x47b18c GetStartupInfoA
 0x47b190 GetProcAddress
 0x47b194 GetModuleHandleA
 0x47b198 GetModuleFileNameA
 0x47b19c GetLocaleInfoA
 0x47b1a0 GetCommandLineA
 0x47b1a4 FreeLibrary
 0x47b1a8 FindFirstFileA
 0x47b1ac FindClose
 0x47b1b0 ExitProcess
 0x47b1b4 ExitThread
 0x47b1b8 CreateThread
 0x47b1bc WriteFile
 0x47b1c0 UnhandledExceptionFilter
 0x47b1c4 RtlUnwind
 0x47b1c8 RaiseException
 0x47b1cc GetStdHandle
user32.dll
 0x47b1d4 GetKeyboardType
 0x47b1d8 LoadStringA
 0x47b1dc MessageBoxA
 0x47b1e0 CharNextA
advapi32.dll
 0x47b1e8 RegQueryValueExA
 0x47b1ec RegOpenKeyExA
 0x47b1f0 RegCloseKey
oleaut32.dll
 0x47b1f8 SysFreeString
 0x47b1fc SysReAllocStringLen
 0x47b200 SysAllocStringLen
kernel32.dll
 0x47b208 TlsSetValue
 0x47b20c TlsGetValue
 0x47b210 LocalAlloc
 0x47b214 GetModuleHandleA
advapi32.dll
 0x47b21c RegQueryValueExA
 0x47b220 RegOpenKeyExA
 0x47b224 RegCloseKey
kernel32.dll
 0x47b22c lstrcpyA
 0x47b230 WriteFile
 0x47b234 WaitForSingleObject
 0x47b238 VirtualQuery
 0x47b23c VirtualAlloc
 0x47b240 Sleep
 0x47b244 SizeofResource
 0x47b248 SetThreadLocale
 0x47b24c SetFilePointer
 0x47b250 SetEvent
 0x47b254 SetErrorMode
 0x47b258 SetEndOfFile
 0x47b25c ResumeThread
 0x47b260 ResetEvent
 0x47b264 ReleaseMutex
 0x47b268 ReadFile
 0x47b26c MultiByteToWideChar
 0x47b270 MulDiv
 0x47b274 LockResource
 0x47b278 LoadResource
 0x47b27c LoadLibraryA
 0x47b280 LeaveCriticalSection
 0x47b284 InitializeCriticalSection
 0x47b288 GlobalUnlock
 0x47b28c GlobalReAlloc
 0x47b290 GlobalHandle
 0x47b294 GlobalLock
 0x47b298 GlobalFree
 0x47b29c GlobalFindAtomA
 0x47b2a0 GlobalDeleteAtom
 0x47b2a4 GlobalAlloc
 0x47b2a8 GlobalAddAtomA
 0x47b2ac GetVersionExA
 0x47b2b0 GetVersion
 0x47b2b4 GetTickCount
 0x47b2b8 GetThreadLocale
 0x47b2bc GetSystemInfo
 0x47b2c0 GetStringTypeExA
 0x47b2c4 GetStdHandle
 0x47b2c8 GetProcAddress
 0x47b2cc GetModuleHandleA
 0x47b2d0 GetModuleFileNameA
 0x47b2d4 GetLocaleInfoA
 0x47b2d8 GetLocalTime
 0x47b2dc GetLastError
 0x47b2e0 GetFullPathNameA
 0x47b2e4 GetExitCodeThread
 0x47b2e8 GetDiskFreeSpaceA
 0x47b2ec GetDateFormatA
 0x47b2f0 GetCurrentThreadId
 0x47b2f4 GetCurrentProcessId
 0x47b2f8 GetCPInfo
 0x47b2fc GetACP
 0x47b300 FreeResource
 0x47b304 InterlockedIncrement
 0x47b308 InterlockedExchange
 0x47b30c InterlockedDecrement
 0x47b310 FreeLibrary
 0x47b314 FormatMessageA
 0x47b318 FindResourceA
 0x47b31c EnumCalendarInfoA
 0x47b320 EnterCriticalSection
 0x47b324 DeleteCriticalSection
 0x47b328 CreateThread
 0x47b32c CreateFileA
 0x47b330 CreateEventA
 0x47b334 CompareStringA
 0x47b338 CloseHandle
version.dll
 0x47b340 VerQueryValueA
 0x47b344 GetFileVersionInfoSizeA
 0x47b348 GetFileVersionInfoA
gdi32.dll
 0x47b350 UnrealizeObject
 0x47b354 StretchBlt
 0x47b358 SetWindowOrgEx
 0x47b35c SetViewportOrgEx
 0x47b360 SetTextColor
 0x47b364 SetStretchBltMode
 0x47b368 SetROP2
 0x47b36c SetPixel
 0x47b370 SetDIBColorTable
 0x47b374 SetBrushOrgEx
 0x47b378 SetBkMode
 0x47b37c SetBkColor
 0x47b380 SelectPalette
 0x47b384 SelectObject
 0x47b388 SaveDC
 0x47b38c RestoreDC
 0x47b390 Rectangle
 0x47b394 RectVisible
 0x47b398 RealizePalette
 0x47b39c PatBlt
 0x47b3a0 MoveToEx
 0x47b3a4 MaskBlt
 0x47b3a8 LineTo
 0x47b3ac IntersectClipRect
 0x47b3b0 GetWindowOrgEx
 0x47b3b4 GetTextMetricsA
 0x47b3b8 GetTextExtentPoint32A
 0x47b3bc GetTextCharacterExtra
 0x47b3c0 GetSystemPaletteEntries
 0x47b3c4 GetStretchBltMode
 0x47b3c8 GetStockObject
 0x47b3cc GetPixel
 0x47b3d0 GetPaletteEntries
 0x47b3d4 GetObjectA
 0x47b3d8 GetDeviceCaps
 0x47b3dc GetDIBits
 0x47b3e0 GetDIBColorTable
 0x47b3e4 GetDCOrgEx
 0x47b3e8 GetCurrentPositionEx
 0x47b3ec GetClipBox
 0x47b3f0 GetBrushOrgEx
 0x47b3f4 GetBitmapBits
 0x47b3f8 ExcludeClipRect
 0x47b3fc DeleteObject
 0x47b400 DeleteDC
 0x47b404 CreateSolidBrush
 0x47b408 CreatePenIndirect
 0x47b40c CreatePalette
 0x47b410 CreateHalftonePalette
 0x47b414 CreateFontIndirectA
 0x47b418 CreateDIBitmap
 0x47b41c CreateDIBSection
 0x47b420 CreateCompatibleDC
 0x47b424 CreateCompatibleBitmap
 0x47b428 CreateBrushIndirect
 0x47b42c CreateBitmap
 0x47b430 BitBlt
user32.dll
 0x47b438 CreateWindowExA
 0x47b43c WindowFromPoint
 0x47b440 WinHelpA
 0x47b444 WaitMessage
 0x47b448 UpdateWindow
 0x47b44c UnregisterClassA
 0x47b450 UnhookWindowsHookEx
 0x47b454 TranslateMessage
 0x47b458 TranslateMDISysAccel
 0x47b45c TrackPopupMenu
 0x47b460 SystemParametersInfoA
 0x47b464 ShowWindow
 0x47b468 ShowScrollBar
 0x47b46c ShowOwnedPopups
 0x47b470 ShowCursor
 0x47b474 SetWindowsHookExA
 0x47b478 SetWindowTextA
 0x47b47c SetWindowPos
 0x47b480 SetWindowPlacement
 0x47b484 SetWindowLongA
 0x47b488 SetTimer
 0x47b48c SetScrollRange
 0x47b490 SetScrollPos
 0x47b494 SetScrollInfo
 0x47b498 SetRect
 0x47b49c SetPropA
 0x47b4a0 SetParent
 0x47b4a4 SetMenuItemInfoA
 0x47b4a8 SetMenu
 0x47b4ac SetForegroundWindow
 0x47b4b0 SetFocus
 0x47b4b4 SetCursor
 0x47b4b8 SetClassLongA
 0x47b4bc SetCapture
 0x47b4c0 SetActiveWindow
 0x47b4c4 SendMessageA
 0x47b4c8 ScrollWindow
 0x47b4cc ScreenToClient
 0x47b4d0 RemovePropA
 0x47b4d4 RemoveMenu
 0x47b4d8 ReleaseDC
 0x47b4dc ReleaseCapture
 0x47b4e0 RegisterWindowMessageA
 0x47b4e4 RegisterClipboardFormatA
 0x47b4e8 RegisterClassA
 0x47b4ec RedrawWindow
 0x47b4f0 PtInRect
 0x47b4f4 PostQuitMessage
 0x47b4f8 PostMessageA
 0x47b4fc PeekMessageA
 0x47b500 OffsetRect
 0x47b504 OemToCharA
 0x47b508 MsgWaitForMultipleObjects
 0x47b50c MessageBoxA
 0x47b510 MapWindowPoints
 0x47b514 MapVirtualKeyA
 0x47b518 LoadStringA
 0x47b51c LoadKeyboardLayoutA
 0x47b520 LoadIconA
 0x47b524 LoadCursorA
 0x47b528 LoadBitmapA
 0x47b52c KillTimer
 0x47b530 IsZoomed
 0x47b534 IsWindowVisible
 0x47b538 IsWindowEnabled
 0x47b53c IsWindow
 0x47b540 IsRectEmpty
 0x47b544 IsIconic
 0x47b548 IsDialogMessageA
 0x47b54c IsChild
 0x47b550 InvalidateRect
 0x47b554 IntersectRect
 0x47b558 InsertMenuItemA
 0x47b55c InsertMenuA
 0x47b560 InflateRect
 0x47b564 GetWindowThreadProcessId
 0x47b568 GetWindowTextA
 0x47b56c GetWindowRect
 0x47b570 GetWindowPlacement
 0x47b574 GetWindowLongA
 0x47b578 GetWindowDC
 0x47b57c GetTopWindow
 0x47b580 GetSystemMetrics
 0x47b584 GetSystemMenu
 0x47b588 GetSysColorBrush
 0x47b58c GetSysColor
 0x47b590 GetSubMenu
 0x47b594 GetScrollRange
 0x47b598 GetScrollPos
 0x47b59c GetScrollInfo
 0x47b5a0 GetPropA
 0x47b5a4 GetParent
 0x47b5a8 GetWindow
 0x47b5ac GetMenuStringA
 0x47b5b0 GetMenuState
 0x47b5b4 GetMenuItemInfoA
 0x47b5b8 GetMenuItemID
 0x47b5bc GetMenuItemCount
 0x47b5c0 GetMenu
 0x47b5c4 GetLastActivePopup
 0x47b5c8 GetKeyboardState
 0x47b5cc GetKeyboardLayoutList
 0x47b5d0 GetKeyboardLayout
 0x47b5d4 GetKeyState
 0x47b5d8 GetKeyNameTextA
 0x47b5dc GetIconInfo
 0x47b5e0 GetForegroundWindow
 0x47b5e4 GetFocus
 0x47b5e8 GetDesktopWindow
 0x47b5ec GetDCEx
 0x47b5f0 GetDC
 0x47b5f4 GetCursorPos
 0x47b5f8 GetCursor
 0x47b5fc GetClientRect
 0x47b600 GetClassNameA
 0x47b604 GetClassInfoA
 0x47b608 GetCapture
 0x47b60c GetActiveWindow
 0x47b610 FrameRect
 0x47b614 FindWindowA
 0x47b618 FillRect
 0x47b61c EqualRect
 0x47b620 EnumWindows
 0x47b624 EnumThreadWindows
 0x47b628 EndPaint
 0x47b62c EnableWindow
 0x47b630 EnableScrollBar
 0x47b634 EnableMenuItem
 0x47b638 DrawTextA
 0x47b63c DrawMenuBar
 0x47b640 DrawIconEx
 0x47b644 DrawIcon
 0x47b648 DrawFrameControl
 0x47b64c DrawFocusRect
 0x47b650 DrawEdge
 0x47b654 DispatchMessageA
 0x47b658 DestroyWindow
 0x47b65c DestroyMenu
 0x47b660 DestroyIcon
 0x47b664 DestroyCursor
 0x47b668 DeleteMenu
 0x47b66c DefWindowProcA
 0x47b670 DefMDIChildProcA
 0x47b674 DefFrameProcA
 0x47b678 CreatePopupMenu
 0x47b67c CreateMenu
 0x47b680 CreateIcon
 0x47b684 ClientToScreen
 0x47b688 CheckMenuItem
 0x47b68c CallWindowProcA
 0x47b690 CallNextHookEx
 0x47b694 BeginPaint
 0x47b698 CharNextA
 0x47b69c CharLowerA
 0x47b6a0 CharUpperBuffA
 0x47b6a4 CharToOemA
 0x47b6a8 AdjustWindowRectEx
 0x47b6ac ActivateKeyboardLayout
kernel32.dll
 0x47b6b4 Sleep
oleaut32.dll
 0x47b6bc SafeArrayPtrOfIndex
 0x47b6c0 SafeArrayPutElement
 0x47b6c4 SafeArrayGetElement
 0x47b6c8 SafeArrayUnaccessData
 0x47b6cc SafeArrayAccessData
 0x47b6d0 SafeArrayGetUBound
 0x47b6d4 SafeArrayGetLBound
 0x47b6d8 SafeArrayCreate
 0x47b6dc VariantChangeType
 0x47b6e0 VariantCopyInd
 0x47b6e4 VariantCopy
 0x47b6e8 VariantClear
 0x47b6ec VariantInit
ole32.dll
 0x47b6f4 CLSIDFromProgID
 0x47b6f8 CoCreateInstance
 0x47b6fc CoUninitialize
 0x47b700 CoInitialize
oleaut32.dll
 0x47b708 GetErrorInfo
 0x47b70c SysFreeString
comctl32.dll
 0x47b714 ImageList_SetIconSize
 0x47b718 ImageList_GetIconSize
 0x47b71c ImageList_Write
 0x47b720 ImageList_Read
 0x47b724 ImageList_GetDragImage
 0x47b728 ImageList_DragShowNolock
 0x47b72c ImageList_SetDragCursorImage
 0x47b730 ImageList_DragMove
 0x47b734 ImageList_DragLeave
 0x47b738 ImageList_DragEnter
 0x47b73c ImageList_EndDrag
 0x47b740 ImageList_BeginDrag
 0x47b744 ImageList_Remove
 0x47b748 ImageList_DrawEx
 0x47b74c ImageList_Replace
 0x47b750 ImageList_Draw
 0x47b754 ImageList_GetBkColor
 0x47b758 ImageList_SetBkColor
 0x47b75c ImageList_ReplaceIcon
 0x47b760 ImageList_Add
 0x47b764 ImageList_GetImageCount
 0x47b768 ImageList_Destroy
 0x47b76c ImageList_Create

EAT(Export Address Table) is none


Similarity measure (PE file only) - Checking for service failure