Static task
static1
Behavioral task
behavioral1
Sample
bcafd3989097e0631a1dbb1fb996690c7c5240c81e6496184268a8f4f2a840ec.exe
Resource
win7-en-20211208
General
Target: bcafd3989097e0631a1dbb1fb996690c7c5240c81e6496184268a8f4f2a840ec
Size: 386KB
MD5: dfc02658cb106d327ec0379beb50df44
SHA1: a2e49b450c91e6ade762e4d1a037b42a054b028b
SHA256: bcafd3989097e0631a1dbb1fb996690c7c5240c81e6496184268a8f4f2a840ec
SHA512: c768f5646b9c20c4108c3b157f564a38d10d06473af53b3cc0e8c523df0e476c0adba0657ee57f6c34c51c7278f75c6e4d3569c5cfd87dfee6eacaa0d52e0c86
SSDEEP: 6144:znt5uKrpO16qowdxLan5HRS++sCPCMXhVYQJh+Zw:raKrpQ6q5Ha5HRS++RPCMrYQK
Malware Config
Signatures
Files
bcafd3989097e0631a1dbb1fb996690c7c5240c81e6496184268a8f4f2a840ec.exe (windows x86), MD5: 971a9f981d9286b99905cee799d3e7b5
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenFileMappingA
GetNumaProcessorNode
FindFirstVolumeW
ExitProcess
GetExitCodeProcess
ProcessIdToSessionId
GetVersionExW
VerifyVersionInfoA
GetPrivateProfileStringW
GetConsoleCP
TlsGetValue
SetConsoleMode
CopyFileExW
VerLanguageNameW
FindFirstChangeNotificationA
FreeEnvironmentStringsA
RequestWakeupLatency
SetVolumeMountPointA
SetCurrentDirectoryW
GetLongPathNameW
TlsSetValue
SetConsoleCursorInfo
GlobalHandle
TzSpecificLocalTimeToSystemTime
SetProcessShutdownParameters
CompareStringW
LocalLock
GetNamedPipeHandleStateW
BuildCommDCBAndTimeoutsW
GetProcAddress
GetModuleHandleA
LocalAlloc
Sleep
MoveFileExA
SetEnvironmentVariableW
InterlockedDecrement
InterlockedExchange
VerifyVersionInfoW
DeleteFileW
GetVolumePathNamesForVolumeNameW
GetPrivateProfileIntW
HeapValidate
GetProcessHeaps
CreateNamedPipeA
GetCPInfoExA
GetSystemWindowsDirectoryA
GetSystemWow64DirectoryA
SetLastError
GetCalendarInfoW
GetLastError
GetStringTypeA
DeleteVolumeMountPointA
FatalAppExitA
GetThreadSelectorEntry
WaitForDebugEvent
FindFirstFileA
WriteFileGather
GetTempPathW
GetDefaultCommConfigA
UnmapViewOfFile
GlobalUnWire
WritePrivateProfileSectionA
TerminateThread
lstrcatW
VirtualLock
InterlockedPopEntrySList
SetConsoleTitleA
DefineDosDeviceW
LoadLibraryA
WritePrivateProfileStringW
WaitNamedPipeA
InterlockedIncrement
TerminateProcess
PeekConsoleInputW
ReadConsoleOutputW
GetNumberFormatW
CreateSemaphoreA
EnumDateFormatsA
DuplicateHandle
GetPrivateProfileSectionNamesA
EnumTimeFormatsA
SetLocalTime
CreateSemaphoreW
FindNextFileA
FindFirstFileW
OutputDebugStringA
SetFileShortNameW
lstrcpyA
CreateHardLinkA
SetThreadExecutionState
GetSystemTime
LockFile
EnumCalendarInfoExA
SetConsoleCP
SetConsoleScreenBufferSize
SearchPathA
GetOverlappedResult
IsBadStringPtrA
GetAtomNameW
GetConsoleAliasExesLengthW
WriteConsoleInputA
LocalUnlock
EnumDateFormatsW
SetCommConfig
_lopen
EnumSystemLocalesA
GetCommState
SetEndOfFile
CreateTimerQueueTimer
ResetWriteWatch
UnhandledExceptionFilter
OpenSemaphoreW
GetConsoleScreenBufferInfo
WriteProfileStringW
CreateActCtxW
HeapSetInformation
GetVolumePathNamesForVolumeNameA
GetSystemTimeAdjustment
GetComputerNameA
HeapCompact
CommConfigDialogW
GetModuleFileNameA
OpenMutexW
GetBinaryTypeW
AllocateUserPhysicalPages
FindResourceW
AreFileApisANSI
DeleteTimerQueueTimer
EnumResourceNamesW
CreateTimerQueue
GetProcessHandleCount
UnregisterWait
IsBadWritePtr
GetCurrentProcessId
FatalAppExitW
GetFileAttributesA
lstrcpynW
SetNamedPipeHandleState
WriteConsoleOutputAttribute
GetCompressedFileSizeA
SetFileShortNameA
GetFullPathNameW
WriteProfileStringA
AddVectoredExceptionHandler
GlobalAddAtomA
EnumDateFormatsExW
TerminateJobObject
QueryDosDeviceA
LeaveCriticalSection
GetBinaryTypeA
SetCurrentDirectoryA
ReadFileEx
lstrlenW
EncodePointer
DecodePointer
MoveFileA
DeleteFileA
GetCommandLineW
GetStartupInfoW
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
IsBadReadPtr
GetModuleHandleW
EnterCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsFree
HeapCreate
WriteFile
WriteConsoleW
OutputDebugStringW
LoadLibraryW
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleMode
MultiByteToWideChar
LCMapStringW
GetStringTypeW
FlushFileBuffers
SetStdHandle
CloseHandle
CreateFileW
RaiseException
Sections
.text Size: 281KB - Virtual size: 281KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 54KB - Virtual size: 561KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ