Static task
static1
Behavioral task
behavioral1
Sample
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba.exe
Resource
win7-20220310-en
General
Target: ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
Size: 126KB
MD5: cbbc58e6c361cadbe803e2b5db17307e
SHA1: 86764e2af88b290aa12669369d882a663a264c4d
SHA256: ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
SHA512: 826d8ac99ccd75cd6fa95235ff2979e997d396e30a5ae81c9a7781a02c8560c9398bbda567edfc586d4a14244126cfde58c1f752d68b382bd5872f1337312a2a
Malware Config
Signatures
Files
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba.exe windows x86
c6b27cf23e6376f369490189b0accbe2
Code Sign
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExW
comctl32
CreatePropertySheetPageW
gdi32
CreateICA
CreateCompatibleBitmap
DeleteDC
SelectObject
GetObjectA
CreateCompatibleDC
CreateDCA
GetDeviceCaps
DeleteObject
BitBlt
imagehlp
SymMatchString
kernel32
GetVersionExA
FreeLibrary
GetProcessHeap
FindResourceA
WideCharToMultiByte
VirtualAlloc
HeapFree
LocalAlloc
EnumResourceLanguagesA
LocalFree
GetWindowsDirectoryA
GlobalGetAtomNameW
IsBadWritePtr
GetProcAddress
HeapDestroy
GetCurrentProcessId
CreateProcessA
LoadLibraryExA
GetSystemDefaultLangID
GetSystemDirectoryA
GetCurrentThreadId
VirtualProtectEx
GetLastError
GetCurrentProcess
TlsAlloc
EnterCriticalSection
LoadResource
GetModuleHandleW
TlsGetValue
GetModuleHandleA
InitializeCriticalSection
GetACP
LeaveCriticalSection
GetSystemWindowsDirectoryA
TlsSetValue
LoadLibraryW
lstrcpynA
TlsFree
LocalReAlloc
MultiByteToWideChar
lstrlenA
GlobalDeleteAtom
UnhandledExceptionFilter
DeleteCriticalSection
GetTickCount
GetLocaleInfoA
GetModuleFileNameA
InterlockedIncrement
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
VirtualFree
TerminateProcess
LoadLibraryA
QueryPerformanceCounter
GetUserDefaultLangID
IsValidCodePage
FlushInstructionCache
GlobalAddAtomW
HeapAlloc
InterlockedDecrement
msctf
TF_GetGlobalCompartment
TF_CreateThreadMgr
TF_CreateLangBarMgr
TF_InvalidAssemblyListCacheIfExist
TF_CreateInputProcessorProfiles
msvcrt
_wcsdup
free
wcscmp
iswspace
wcsstr
wcslen
wcschr
wcstol
towlower
iswpunct
malloc
iswcntrl
memmove
iswalpha
strrchr
_vsnwprintf
iswalnum
towupper
_initterm
_vsnprintf
wcsncpy
atoi
strncmp
wcsncmp
wcscpy
iswlower
iswdigit
_wcsnicmp
_wcsicmp
strtol
ole32
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
oleacc
AccessibleObjectFromWindow
qcap
DllCanUnloadNow
user32
GetForegroundWindow
DefWindowProcA
SendMessageA
SetCursor
SystemParametersInfoA
GetWindowLongA
DestroyIcon
SetTimer
SendDlgItemMessageA
GetActiveWindow
WinHelpA
FindWindowA
GetParent
GetSystemMetrics
keybd_event
GetFocus
DialogBoxParamW
SetWindowLongA
EnableWindow
EndDialog
SetDlgItemInt
KillTimer
LoadCursorA
GetSysColor
LoadImageA
ShowWindow
GetMessageTime
RegisterClassExA
DestroyWindow
GetWindowTextW
IsWindow
PostMessageA
CreateWindowExA
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 664B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ