Static task: static1
Behavioral task: behavioral1
Sample: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0.exe
Resource: win7-20220310-en
General
Target: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0
Size: 290KB
MD5: f9fdaa602c4c427bb4a32640ad9ace1d
SHA1: 28cfc8e7d3126a409b8052b7a7e24750790616f8
SHA256: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0
SHA512: ec0d214fc3fe5034d188a6e16c070e8a0d8c4f147c6a5ce6db1f7e8a4b59b698cf58bd591f2d8d67c6facab3bf4b4957c34756239482aad9743b87708be8ed3a
Malware Config
Signatures
Files
eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0.exe windows x86
2eebe0dba96971c51a6bd6aeb0592251
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteProfileSectionA
GetNumaHighestNodeNumber
FindFirstVolumeA
FlushConsoleInputBuffer
HeapLock
FindFirstChangeNotificationA
WaitForSingleObject
GetNamedPipeHandleStateW
CompareFileTime
EnumResourceTypesW
EnumResourceNamesA
FillConsoleOutputCharacterW
GetTimeZoneInformation
TerminateThread
WaitForMultipleObjectsEx
GetVersionExW
VerifyVersionInfoW
SetEvent
FindNextFileA
CopyFileExA
BuildCommDCBAndTimeoutsA
GetConsoleOutputCP
GetCompressedFileSizeA
ReadConsoleOutputCharacterA
SetDefaultCommConfigA
VerLanguageNameW
_hread
GetCommConfig
WritePrivateProfileStructW
FreeEnvironmentStringsA
CreateTimerQueue
FindVolumeClose
ResetWriteWatch
WriteConsoleInputA
SetWaitableTimer
SetComputerNameExA
FindAtomA
LoadResource
GetThreadTimes
CallNamedPipeW
BuildCommDCBAndTimeoutsW
VirtualProtect
GetModuleHandleA
LocalAlloc
VerifyVersionInfoA
GlobalWire
GetProfileSectionW
GetCommandLineA
InterlockedDecrement
CopyFileA
ReleaseActCtx
OutputDebugStringW
FormatMessageA
SetDllDirectoryW
SetPriorityClass
WritePrivateProfileStringA
GetUserDefaultLangID
GlobalFix
GetVersionExA
HeapValidate
InterlockedCompareExchange
GetStartupInfoW
ConnectNamedPipe
GetLastError
GetCalendarInfoA
DebugBreak
GetComputerNameExW
SetLastError
CopyFileW
GetCPInfoExW
GetSystemWindowsDirectoryA
GetSystemWow64DirectoryW
GetPrivateProfileSectionNamesA
ContinueDebugEvent
InterlockedExchange
GetOEMCP
GetConsoleAliasW
lstrlenA
ReadConsoleA
WriteConsoleA
GetPrivateProfileSectionNamesW
GetSystemTimeAsFileTime
EnumCalendarInfoA
SetThreadIdealProcessor
EnumDateFormatsExW
VerSetConditionMask
CreateConsoleScreenBuffer
GetSystemWindowsDirectoryW
GetProfileStringA
CreateIoCompletionPort
AllocConsole
GetNumaNodeProcessorMask
GetConsoleAliasExesLengthW
CreateMailslotW
EnumDateFormatsA
GetCommState
SetThreadContext
CheckRemoteDebuggerPresent
GetSystemTimeAdjustment
_lwrite
_lopen
EnumSystemLocalesW
GetConsoleAliasExesLengthA
MoveFileW
GetWriteWatch
OpenSemaphoreA
GetModuleHandleW
LoadLibraryW
GetPrivateProfileStringW
DeleteAtom
TlsFree
GetFileInformationByHandle
GetProfileStringW
CreateActCtxW
CreateJobSet
CancelDeviceWakeupRequest
AreFileApisANSI
OpenWaitableTimerA
OpenFileMappingW
GetProcessHandleCount
GetConsoleAliasesLengthW
SetProcessShutdownParameters
PeekNamedPipe
FillConsoleOutputCharacterA
FindNextVolumeMountPointW
InitAtomTable
AddAtomW
WriteConsoleOutputCharacterW
GetConsoleAliasExesA
GetBinaryTypeA
SetThreadPriority
InitializeCriticalSection
SetConsoleTextAttribute
LoadLibraryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteFileA
RaiseException
GetStartupInfoA
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetProcAddress
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
Sleep
InterlockedIncrement
ExitProcess
GetModuleFileNameA
WriteFile
GetStdHandle
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetACP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
CloseHandle
CreateFileA
gdi32
GetBitmapBits
Sections
.text Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 719KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ