Static task
static1
Behavioral task
behavioral1
Sample
263d4bcfcc2e1cd9d3de9bbc585864861dda333cdd2e0158e3c47ff70540aefd.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
263d4bcfcc2e1cd9d3de9bbc585864861dda333cdd2e0158e3c47ff70540aefd.exe
Resource
win10v2004-en-20220113
General
Target
263d4bcfcc2e1cd9d3de9bbc585864861dda333cdd2e0158e3c47ff70540aefd
Size
268KB
MD5
b4ab969747e863a936b3aca56d7268ca
SHA1
2dd66dc42d4f3d7f2bc15ca03c543afa5a1c6380
SHA256
263d4bcfcc2e1cd9d3de9bbc585864861dda333cdd2e0158e3c47ff70540aefd
SHA512
b8aa5fcbb091ab486574bdb77024511de578d4a1a84fb2f2de8744dac4980a21ebcc197b823ecf0e97e707280a00a1401484df13edf47a0646e11123781a385c
SSDEEP
3072:04Vkc8MybpumBsy8tnsvTpKhCIIAJt1ZJWzx+pCsFa3vN1roHf:0MkY26yQnsLwmY1ZJ1H0rI
Malware Config
Signatures
Files
263d4bcfcc2e1cd9d3de9bbc585864861dda333cdd2e0158e3c47ff70540aefd.exe windows x86
bcecb8dcf49a67dc64ee326bb0b26c9f
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstFileExW
ConnectNamedPipe
GetModuleHandleW
GetTickCount
SetProcessPriorityBoost
GetPriorityClass
OpenProcess
GlobalAlloc
WideCharToMultiByte
EnumSystemCodePagesA
GetConsoleAliasW
SetConsoleCursorPosition
EnumResourceLanguagesA
GetVolumePathNameA
lstrlenW
GetConsoleOutputCP
GetLongPathNameA
SetVolumeLabelW
GetAtomNameA
ProcessIdToSessionId
HeapAlloc
SetConsoleCtrlHandler
SetFileApisToANSI
SetProcessWorkingSetSize
GetCommMask
SetNamedPipeHandleState
CreatePipe
FindFirstVolumeMountPointA
EnumDateFormatsA
CreateMailslotA
VirtualProtect
FatalAppExitA
SetCalendarInfoA
_lopen
FindAtomW
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
GetVolumeInformationW
lstrcpyA
WriteConsoleW
LoadLibraryW
BuildCommDCBAndTimeoutsA
GetProcessIoCounters
GetDefaultCommConfigW
WriteConsoleOutputCharacterW
IsWow64Process
SetupComm
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
CloseHandle
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileW
user32
GetCaretPos
advapi32
EnumServicesStatusW
InitializeAcl
RegQueryMultipleValuesA
SetAclInformation
QueryServiceLockStatusW
Sections
.text Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 66.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ