Resubmissions
01/02/2022, 09:10  220201-k4279scee5  10
15/01/2022, 13:42  220115-qztyzsefhn  10
12/01/2022, 12:30  220112-ppk3nacfbl  10
10/01/2022, 10:49  220110-mwsd7sebe3  10
07/01/2022, 20:35  220107-zc2jzsdaeq  10
07/01/2022, 10:05  220107-l4rxzacba8  10
06/01/2022, 22:46  220106-2qch5abff5  10
06/01/2022, 19:07  220106-xsnxqabhfl  10
06/01/2022, 15:26  220106-svedvabda5  10
06/01/2022, 15:25  220106-st3p2sbgcq  10
Static task
static1
Behavioral task
behavioral1
Sample
4446186b0133b453f35a839b841ba453377c9a5638c1d81ee2313bb3adc22aaf.exe
Resource
win10-en-20211208
General
Target: 4446186b0133b453f35a839b841ba453377c9a5638c1d81ee2313bb3adc22aaf
Size: 339KB
MD5: b75726b4b619811b4c50d917822a4083
SHA1: ed8b418d7357609ce03c4f7123c0bb711b9d227d
SHA256: 4446186b0133b453f35a839b841ba453377c9a5638c1d81ee2313bb3adc22aaf
SHA512: 59516fdf6334f4005c7881322eb9a057939804e18ba8f13d0cb48fdc460aab19570c482e87700c6884807e1c885864ed422646f3150d9df731a10ecf5a7e05c9
SSDEEP: 6144:yGcxJniEsDc4WGhz2yB3CYRcLijVok76+Ygx5spuKUOT+OXanv:y/xJniEsDcr47tcLijVokPYg/spuKUe
Malware Config
Signatures
Files
4446186b0133b453f35a839b841ba453377c9a5638c1d81ee2313bb3adc22aaf.exe windows x86
b3d4f2ed39290c6d2f992f32b3b6f3d8
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CallNamedPipeW
TerminateProcess
GetExitCodeProcess
GetVersionExW
VerifyVersionInfoW
GetConsoleCP
GetConsoleAliasesLengthA
VerLanguageNameA
VerifyVersionInfoA
FreeEnvironmentStringsW
GetProcessPriorityBoost
SetVolumeMountPointA
GetLongPathNameW
CopyFileA
TlsSetValue
GetConsoleCursorInfo
SystemTimeToTzSpecificLocalTime
FindAtomW
ReleaseMutex
GetNamedPipeHandleStateA
CommConfigDialogA
BuildCommDCBAndTimeoutsW
GetProcAddress
LoadLibraryA
GlobalAlloc
LocalReAlloc
TlsGetValue
GetCommandLineA
InterlockedExchange
GetCalendarInfoW
DeleteFileA
CreateActCtxA
SetPriorityClass
GetPrivateProfileIntW
GetProcessHeap
GlobalMemoryStatus
ReadConsoleOutputCharacterA
GetStartupInfoA
GetDiskFreeSpaceExW
GetCPInfoExW
GetWindowsDirectoryA
GetSystemWow64DirectoryW
GetProfileStringA
GetCalendarInfoA
MapUserPhysicalPages
SetLastError
GetStringTypeExW
DebugBreak
lstrcmpA
WriteFile
SetConsoleMode
GetThreadSelectorEntry
lstrcatW
SetMailslotInfo
LocalFileTimeToFileTime
DefineDosDeviceA
EndUpdateResourceW
WriteConsoleW
SetSystemTimeAdjustment
WritePrivateProfileSectionW
GetPrivateProfileStructA
TryEnterCriticalSection
GetPrivateProfileStructW
GetFileAttributesExA
HeapUnlock
PeekConsoleInputA
SetTapeParameters
FindResourceExW
GetLocalTime
GetPrivateProfileSectionW
CreateIoCompletionPort
CreateSemaphoreA
GetThreadLocale
SetFileShortNameW
lstrcpyA
LockFile
GetConsoleAliasA
GetConsoleAliasExesLengthA
EnumDateFormatsA
GetDevicePowerState
GetWriteWatch
FreeEnvironmentStringsA
GetConsoleScreenBufferInfo
LoadLibraryW
GetComputerNameW
HeapFree
GetLastError
GlobalReAlloc
SignalObjectAndWait
CancelDeviceWakeupRequest
FindClose
SetWaitableTimer
ChangeTimerQueueTimer
GetProcessTimes
FatalAppExitW
lstrcpynA
SetNamedPipeHandleState
FillConsoleOutputCharacterA
GetCompressedFileSizeA
FindNextVolumeMountPointA
GetFullPathNameA
FreeResource
UnlockFile
GlobalAddAtomA
TerminateJobObject
QueryDosDeviceA
EnterCriticalSection
Process32FirstW
SetCurrentDirectoryW
GetBinaryTypeA
OpenMutexW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
MultiByteToWideChar
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
HeapValidate
IsBadReadPtr
RtlUnwind
RaiseException
GetCommandLineW
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
HeapAlloc
GetModuleFileNameA
HeapReAlloc
HeapSize
HeapQueryInformation
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
GetCurrentThreadId
TlsFree
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetLocaleInfoW
GetLocaleInfoA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
OutputDebugStringA
OutputDebugStringW
SetFilePointer
GetConsoleMode
SetStdHandle
FlushFileBuffers
CreateFileW
CloseHandle
Sections
.text Size: 261KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.civu Size: 512B - Virtual size: 5B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ