Static task: static1
Behavioral task: behavioral1
Sample: 91be0ef6635c6d2430f006acbc090d03338d2eafe921c1cf72fbc8c077cb885b.exe
Resource: win10-en-20211208
General
Target: 91be0ef6635c6d2430f006acbc090d03338d2eafe921c1cf72fbc8c077cb885b
Size: 444KB
MD5: 26a134a9ae3f32dfb36e1487adeabc15
SHA1: f27ea7f689132c3bb34a1f41b644d93181d0561a
SHA256: 91be0ef6635c6d2430f006acbc090d03338d2eafe921c1cf72fbc8c077cb885b
SHA512: e7419a3b4e4708e6af558c094da2814766c329c2f7d0b9cb1bbf03cba53340088cbc9e81b205798d1576fa9c97e6f72ecf5b94c02b12f7905c81b34094fc43a1
SSDEEP: 12288:AFF2GziGfmxG3eatadyVNaeiepBIfiUX+tWtGg8zQ:yxf4G3eiMIBMFakG5
Malware Config
Signatures
Files
91be0ef6635c6d2430f006acbc090d03338d2eafe921c1cf72fbc8c077cb885b.exe windows x86
747024b1d04ad78d24e3aa224d333747
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateNamedPipeW
TerminateThread
DeactivateActCtx
GetConsoleAliasesLengthW
GetVersionExW
GetConsoleCP
GetDefaultCommConfigW
FindFirstFileExW
GetDriveTypeW
FreeEnvironmentStringsW
GetProcessPriorityBoost
SetVolumeMountPointW
SetCurrentDirectoryW
GetLongPathNameA
TlsGetValue
SetComputerNameExA
FindAtomA
BuildCommDCBAndTimeoutsW
VirtualProtect
GetModuleHandleA
GlobalAlloc
InitializeCriticalSection
TlsSetValue
GetCommandLineA
InterlockedDecrement
GetCalendarInfoA
CopyFileW
ZombifyActCtx
OutputDebugStringA
GetSystemTimeAdjustment
GetPriorityClass
WritePrivateProfileStringW
GetProcessHeaps
GlobalUnWire
GetProcessHeap
GetStartupInfoA
GetDiskFreeSpaceExW
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetLastError
GetProfileStringA
WriteProfileSectionW
GetProfileStringW
GetConsoleCursorInfo
SetLastError
DeleteVolumeMountPointA
DebugBreak
GetPrivateProfileSectionW
ReadFileScatter
GetNumberOfConsoleInputEvents
GetSystemWindowsDirectoryW
TerminateProcess
GlobalFindAtomA
FindCloseChangeNotification
CreateActCtxW
SetMailslotInfo
InterlockedExchange
DefineDosDeviceA
SetVolumeMountPointA
EndUpdateResourceA
WriteConsoleA
GetPrivateProfileSectionA
WritePrivateProfileSectionW
GetPrivateProfileStructA
TryEnterCriticalSection
GetFileAttributesExW
FileTimeToLocalFileTime
MoveFileA
GetVolumePathNameW
HeapUnlock
GetComputerNameW
FindActCtxSectionStringA
SetThreadContext
MoveFileExA
GetOverlappedResult
GlobalUnlock
UnregisterWait
BuildCommDCBA
GlobalDeleteAtom
GetBinaryTypeA
OpenEventW
SetCommTimeouts
WaitNamedPipeA
CreateIoCompletionPort
FindResourceExW
GetSystemTimeAsFileTime
GetSystemInfo
SetLocalTime
OpenSemaphoreA
FreeEnvironmentStringsA
lstrcmpW
GetProcAddress
GetPrivateProfileSectionNamesA
SetFileShortNameW
lstrcpyW
VerLanguageNameA
GetThreadSelectorEntry
SetSystemTime
UnlockFile
GetConsoleAliasW
SetConsoleScreenBufferSize
AllocConsole
GetAtomNameA
WriteConsoleInputA
TransactNamedPipe
GetCommState
LockFile
_lopen
ResetWriteWatch
GetConsoleOutputCP
EnumDateFormatsW
GetConsoleAliasExesLengthA
WriteConsoleOutputCharacterW
HeapReAlloc
OpenMutexA
GetStringTypeW
SetFilePointer
PostQueuedCompletionStatus
AreFileApisANSI
CancelWaitableTimer
GetCurrentProcess
SetNamedPipeHandleState
GetCompressedFileSizeA
FindNextVolumeMountPointA
GetFullPathNameW
WriteProfileStringW
DeleteAtom
GlobalAddAtomA
TerminateJobObject
QueryDosDeviceW
LeaveCriticalSection
SetFirmwareEnvironmentVariableW
GetBinaryTypeW
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
Sleep
DeleteCriticalSection
EnterCriticalSection
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
LCMapStringA
LCMapStringW
GetCPInfo
HeapValidate
IsBadReadPtr
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
GetStdHandle
WriteFile
WriteConsoleW
GetFileType
OutputDebugStringW
ExitProcess
LoadLibraryW
GetModuleFileNameA
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
HeapAlloc
HeapSize
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetLocaleInfoW
SetStdHandle
CloseHandle
CreateFileA
DeleteFileA
user32
OemToCharA
msimg32
AlphaBlend
Sections
.text: Size 211KB, Virtual size 211KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data: Size 178KB, Virtual size 331KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.moz: Size 512B, Virtual size 5B; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 37KB, Virtual size 36KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc: Size 16KB, Virtual size 16KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ