Static task: static1
Behavioral task: behavioral1
Sample: 54ea3470b7b6a4653c7253a874118971b842c3d38dcca7f65f3ec4446b63dff9.dll
Resource: win7-20220311-en
General
Target: 54ea3470b7b6a4653c7253a874118971b842c3d38dcca7f65f3ec4446b63dff9
Size: 456KB
MD5: 25a65068db29d21f15626ed5a89f0940
SHA1: 047f91c8f3cd95a0b5dbfc402607f73a96943730
SHA256: 54ea3470b7b6a4653c7253a874118971b842c3d38dcca7f65f3ec4446b63dff9
SHA512: 1f06b0a9105821470d1ed7444ec769e2448f00d269adf4bc4942295787b154e0baee48f6a22e8687f4a06307e33c5829035558b4ea331b62a49d31400d47741e
Malware Config
Signatures
Files
54ea3470b7b6a4653c7253a874118971b842c3d38dcca7f65f3ec4446b63dff9.dll (windows x86)
44323194308d203d3e24e33067a1ef8a
Code Sign
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
LoadLibraryA
GetProcAddress
GetLastError
ConnectNamedPipe
EnumResourceTypesA
EnumResourceNamesW
SetDefaultCommConfigA
MoveFileExA
GlobalGetAtomNameA
lstrcpyA
GetConsoleAliasesA
LocalCompact
GetVersion
FlushConsoleInputBuffer
ReadConsoleOutputA
EnumTimeFormatsW
VirtualAlloc
GetSystemInfo
IsBadCodePtr
FlushFileBuffers
OpenEventW
GlobalFindAtomW
EndUpdateResourceA
GetConsoleTitleA
DisableThreadLibraryCalls
lstrcat
CreateProcessA
Process32FirstW
SetupComm
ReadConsoleOutputW
SetVolumeMountPointW
GetConsoleAliasesW
SetThreadIdealProcessor
InterlockedExchangeAdd
SetTimerQueueTimer
HeapCreate
GetTempFileNameA
TlsSetValue
TlsGetValue
LocalAlloc
lstrlenW
lstrcmpA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFree
UnmapViewOfFile
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
Sleep
SizeofResource
SetVolumeLabelW
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
PulseEvent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingA
OpenFileMappingW
OpenEventA
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExA
GetVersionExW
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempFileNameW
GetSystemTime
GetSystemDirectoryA
GetSystemDirectoryW
GetStartupInfoW
GetProcessVersion
GetProcessAffinityMask
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetCommandLineA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FormatMessageW
FlushViewOfFile
FindResourceA
FindResourceW
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateNamedPipeW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CloseHandle
CancelIo
GetComputerNameA
user32
LoadCursorA
CharNextA
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
LoadCursorW
SetCursor
DispatchMessageW
LoadBitmapW
GetSysColor
GetDlgItem
GetSystemMetrics
EndDialog
DialogBoxParamW
GetShellWindow
SetWindowPos
DrawTextW
GetParent
LoadStringW
GetWindowTextW
MessageBoxW
ExitWindowsEx
PostMessageW
MessageBeep
SendMessageW
GetWindowRect
GetDC
ReleaseDC
BeginPaint
EnumWindowStationsW
GetMonitorInfoW
ChangeDisplaySettingsA
DlgDirListComboBoxW
GetGuiResources
IsWindowUnicode
GetCursorInfo
OpenDesktopW
TileWindows
SwitchDesktop
CreateWindowExW
WaitForInputIdle
UpdateWindow
SystemParametersInfoW
AnimateWindow
ShowWindow
ShowOwnedPopups
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowPlacement
SetWindowLongW
SetTimer
SetRect
SetPropA
SetParent
SetForegroundWindow
SetFocus
SetCursorPos
SetClassLongW
SendNotifyMessageW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageCallbackA
SendMessageA
RemovePropA
RegisterWindowMessageW
RegisterClassW
PostThreadMessageA
PostThreadMessageW
PostQuitMessage
PostMessageA
OffsetRect
LoadImageW
LoadIconW
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InvalidateRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowPlacement
GetWindowLongW
GetUserObjectInformationW
GetTopWindow
GetThreadDesktop
GetSystemMenu
GetPropA
GetWindow
GetMessageW
GetMenu
GetIconInfo
GetForegroundWindow
GetClientRect
GetClassNameA
GetClassLongW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnableWindow
EnableMenuItem
DrawMenuBar
DrawFrameControl
DrawFocusRect
DestroyWindow
DestroyIcon
DefWindowProcW
CreateIconFromResource
ChildWindowFromPointEx
CharUpperW
CharNextExA
CharLowerW
BringWindowToTop
AttachThreadInput
AdjustWindowRectEx
gdi32
AddFontResourceA
AddFontResourceW
RealizePalette
GetEnhMetaFileBits
GetEnhMetaFileW
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPointW
SetBkColor
ExtTextOutW
CreateCompatibleDC
GetObjectW
BitBlt
DeleteObject
SelectObject
CreateMetaFileA
GetCharWidthFloatA
SetBitmapDimensionEx
EngFreeModule
GetEnhMetaFileDescriptionA
CreateScalableFontResourceW
GdiConvertBrush
SetTextCharacterExtra
CheckColorsInGamut
EnumFontFamiliesA
CreatePolygonRgn
STROBJ_dwGetCodePage
GetDIBits
CreatePolyPolygonRgn
GetCharacterPlacementW
GetDCPenColor
CreateEnhMetaFileW
GetTextExtentPointI
GetBitmapBits
SelectClipRgn
GetCharABCWidthsI
SetMapMode
GdiInitSpool
GetRasterizerCaps
EngMultiByteToUnicodeN
EngQueryLocalTime
EngReleaseSemaphore
SetDeviceGammaRamp
FONTOBJ_cGetGlyphs
GetStockObject
EngTransparentBlt
GdiGetDC
STROBJ_bEnum
DeleteEnhMetaFile
EngDeletePalette
GdiReleaseLocalDC
GetBkColor
EngAcquireSemaphore
GetCurrentObject
GetStretchBltMode
SetTextColor
SetArcDirection
GdiValidateHandle
TranslateCharsetInfo
StretchDIBits
StretchBlt
SetStretchBltMode
SetBkMode
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
GetDeviceCaps
DeleteDC
CreateRoundRectRgn
CreateRectRgn
CreatePalette
CreateDIBitmap
CreateDIBSection
CreateCompatibleBitmap
CreateBitmap
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyA
RegOpenKeyW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
SetSecurityDescriptorDacl
ReportEventW
RegisterEventSourceW
RegUnLoadKeyW
RegOpenKeyExA
RegLoadKeyW
OpenProcessToken
LookupPrivilegeValueA
LookupAccountSidA
LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameA
GetUserNameW
GetTokenInformation
GetLengthSid
AdjustTokenPrivileges
GetKernelObjectSecurity
CryptSetProvParam
CryptGetProvParam
CryptDestroyHash
CryptSignHashA
CryptSetHashParam
CryptCreateHash
CryptImportKey
CryptExportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
CryptDecrypt
InitiateSystemShutdownExW
AbortSystemShutdownW
shell32
SHAppBarMessage
SHFileOperationA
SHGetMalloc
SHGetFileInfoA
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFolderPathA
SHGetFolderPathW
ord155
SHGetSpecialFolderLocation
SHGetFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
GetHGlobalFromStream
comctl32
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
Sections
.text Size: 44KB - Virtual size: 43KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rdata3 Size: 512B - Virtual size: 4B - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rdata2 Size: 2KB - Virtual size: 1KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 21KB - Virtual size: 21KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.text4 Size: 241KB - Virtual size: 240KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
.rsrc Size: 135KB - Virtual size: 135KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ