Static task
static1
Behavioral task
behavioral1
Sample
b51e81e44593c2c42ae412b692c46be3c6b1e4ac46c951e708618da5919403d3.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
b51e81e44593c2c42ae412b692c46be3c6b1e4ac46c951e708618da5919403d3.exe
Resource
win10v2004-en-20220113
General
Target: b51e81e44593c2c42ae412b692c46be3c6b1e4ac46c951e708618da5919403d3
Size: 1016KB
MD5: cf04ef7185ddf7d7eb50cdda20987b52
SHA1: 300e4d06ce151141c8b858c2a752be1fa0d53ad8
SHA256: b51e81e44593c2c42ae412b692c46be3c6b1e4ac46c951e708618da5919403d3
SHA512: e596a1ce2a0d24681289f7e84ed24fe70a768bdb160eda5c4c39be3dd061d1cdf0309792aef03c2944e51fc630a3f2f7aa693c1e984aef69762f4bb3d77e98e7
SSDEEP: 12288:wUriv0b6YyM9MxD8bzLE9XPhEVE6wAQeuCPlNRr8kgiYsLzAxbq4zGpA:wUrid67E6DhuCPlLrwsnKbYpA
Malware Config
Signatures
Files
b51e81e44593c2c42ae412b692c46be3c6b1e4ac46c951e708618da5919403d3.exe windows x86
27d4fdb15b529d4cff91c46475c3f409
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameW
GetSystemDirectoryA
EnumSystemLanguageGroupsA
VirtualAlloc
CancelIoEx
CreateEventW
Module32FirstW
CreateToolhelp32Snapshot
Module32NextW
CloseHandle
GetCurrentProcessId
lstrcpyA
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
ReadConsoleW
LoadLibraryExW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetFileType
GetOEMCP
GetACP
IsValidCodePage
CreateThread
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
CreateEventA
GetLocaleInfoW
LCMapStringW
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCPInfo
GetCommandLineA
HeapReAlloc
ReadFile
AreFileApisANSI
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualQuery
GlobalAlloc
GetEnvironmentStrings
WriteFile
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetProcessHeap
WaitForSingleObject
GlobalAddAtomA
HeapAlloc
lstrlenA
GetComputerNameA
LoadLibraryExA
GetModuleFileNameA
GetProcAddress
lstrcmpiA
MultiByteToWideChar
IsDBCSLeadByte
SizeofResource
Sleep
GetCurrentThreadId
DeleteCriticalSection
DecodePointer
EnterCriticalSection
SetLastError
GetLastError
RaiseException
FlushInstructionCache
LeaveCriticalSection
VirtualProtect
GetSystemInfo
HeapFree
GetStringTypeW
EncodePointer
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadResource
FreeLibrary
IsValidLocale
FindResourceA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetModuleHandleA
GetStdHandle
VirtualFree
user32
UnregisterClassA
GetWindowLongA
MonitorFromWindow
SetWindowPos
ShowWindow
GetActiveWindow
SetWindowLongA
GetMonitorInfoA
MapWindowPoints
DialogBoxParamA
GetWindow
EndPaint
ClientToScreen
CloseClipboard
EndDialog
InsertMenuItemA
FillRect
LoadBitmapA
LoadMenuA
CreateMenu
SetFocus
SendMessageA
BeginPaint
SetScrollRange
GetDC
GetForegroundWindow
OffsetRect
GetWindowTextA
TrackPopupMenuEx
SetRect
MessageBoxA
CreateWindowExA
ReleaseDC
EmptyClipboard
GetDlgItem
GetCursorPos
CreatePopupMenu
AppendMenuA
IsWindow
OpenClipboard
UpdateWindow
SetClipboardData
DestroyMenu
GetDialogBaseUnits
GetMessageA
CreateDialogParamA
CharNextA
TranslateMessage
PeekMessageA
DefWindowProcA
DispatchMessageA
DestroyWindow
GetWindowRect
PostQuitMessage
GetParent
wsprintfA
GetClientRect
ScreenToClient
gdi32
GetRegionData
GetObjectA
SetTextAlign
GetTextMetricsA
SelectPalette
RealizePalette
BitBlt
CreateFontIndirectA
SetBrushOrgEx
ExcludeClipRect
CreateHalftonePalette
CreateSolidBrush
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CombineRgn
advapi32
RegCreateKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
GetUserNameA
OpenProcessToken
RegCloseKey
RegDeleteValueA
RegSetValueExA
shell32
SHBindToParent
SHParseDisplayName
ole32
CoTaskMemFree
CoTaskMemRealloc
StringFromCLSID
GetHGlobalFromStream
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoCreateInstance
oleaut32
VariantInit
SafeArrayPtrOfIndex
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
UnRegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocString
SafeArrayCreateVector
odbc32
ord50
ord51
shlwapi
PathRemoveFileSpecW
ColorRGBToHLS
StrCmpNIA
comctl32
ImageList_GetIconSize
ImageList_Add
ImageList_Create
InitCommonControlsEx
opengl32
wglGetCurrentDC
wglGetProcAddress
glGetIntegerv
glGetString
wininet
InternetOpenA
rpcrt4
UuidToStringW
UuidCreate
imm32
ImmAssociateContext
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmDestroyContext
ImmGetContext
ImmCreateContext
setupapi
SetupDiAskForOEMDisk
SetupDeleteErrorA
rasapi32
RasDialA
RasGetErrorStringA
RasHangUpA
Sections
.text Size: 252KB - Virtual size: 252KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 98KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 358KB - Virtual size: 358KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ