Static task
static1
Behavioral task
behavioral1
Sample
57994709.exe
Resource
win7-20220311-en
General
-
Target
57994709.exe
-
Size
661KB
-
MD5
b8fb898ec2cab9c10329175a89ca4a79
-
SHA1
b51d1d227b347e7230732175165af6a8357579c4
-
SHA256
8860ea573d5feae4a267aaa8cb8bf8c47f9c2c50e18ab3fc73d785afc89516cc
-
SHA512
b0d00ee5d9297e8690fbb8566f8f3c0e47cd04534ea50aacabdbfef3cfb09c853a78db2a8ba06125f5416265cb8b2f5d1585109e950e66fd0b71ba2310789f1d
Malware Config
Signatures
Files
-
57994709.exe.exe windows x86
5dabb44f23597143e9b874503cbd5a26
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteProfileSectionA
SetLocaleInfoA
FindFirstVolumeA
GetNamedPipeHandleStateW
CompareFileTime
EnumResourceTypesA
EnumResourceNamesA
FillConsoleOutputCharacterW
GetTimeZoneInformation
TerminateThread
SignalObjectAndWait
GetVersionExW
VerifyVersionInfoA
QueryDepthSList
SetEvent
FindNextFileA
BuildCommDCBAndTimeoutsA
GetCompressedFileSizeA
CopyFileExW
ReadConsoleOutputCharacterA
SetDefaultCommConfigW
VerLanguageNameA
EscapeCommFunction
WritePrivateProfileStructA
FreeEnvironmentStringsA
CreateTimerQueue
FindNextVolumeMountPointA
ResetWriteWatch
WriteConsoleInputA
SetComputerNameExA
FindAtomA
LoadResource
GetThreadPriority
CallNamedPipeW
BuildCommDCBAndTimeoutsW
VirtualProtect
LocalAlloc
GetProfileSectionA
GetCommandLineA
InterlockedExchange
FindFirstChangeNotificationW
GetCalendarInfoA
ReleaseActCtx
OutputDebugStringW
FormatMessageA
SetDllDirectoryW
GetModuleHandleW
WritePrivateProfileStringA
GetUserDefaultLangID
TerminateProcess
GlobalFix
HeapValidate
InterlockedCompareExchange
GetStartupInfoW
SetCalendarInfoW
DebugBreak
SetConsoleTextAttribute
GetLastError
CopyFileA
DisconnectNamedPipe
GetCPInfoExW
GetComputerNameExW
ContinueDebugEvent
InterlockedExchangeAdd
GetSystemWindowsDirectoryW
GetACP
GetPrivateProfileStringA
CreateActCtxA
GetConsoleAliasW
lstrlenA
WriteConsoleA
GlobalWire
FormatMessageW
GetPrivateProfileSectionNamesA
GetSystemTimeAsFileTime
EnumCalendarInfoA
SetThreadAffinityMask
VerSetConditionMask
CreateConsoleScreenBuffer
GetSystemWindowsDirectoryA
GetProfileStringW
CreateIoCompletionPort
AllocConsole
GlobalGetAtomNameW
SetComputerNameW
GetConsoleAliasExesLengthA
WriteConsoleInputW
CreateMailslotW
GetCommState
SetThreadContext
GetSystemTimeAdjustment
_lwrite
_lopen
EnumSystemLocalesW
GetConsoleAliasExesLengthW
MoveFileA
GetWriteWatch
GetPrivateProfileStringW
GetModuleHandleA
EnumDateFormatsA
DeleteAtom
LoadLibraryW
TlsFree
SetFirmwareEnvironmentVariableW
CommConfigDialogW
GetConsoleAliasesLengthA
CancelDeviceWakeupRequest
AreFileApisANSI
OpenWaitableTimerW
OpenFileMappingW
SetProcessAffinityMask
GetConsoleAliasesLengthW
SetProcessShutdownParameters
FindNextVolumeMountPointW
SetThreadPriority
ReadConsoleW
AddAtomA
WriteConsoleOutputCharacterW
GetNumberFormatW
GetConsoleAliasExesA
GetBinaryTypeA
EnterCriticalSection
InitializeCriticalSection
GetSystemWow64DirectoryW
LoadLibraryA
DeleteFileA
RaiseException
GetStartupInfoA
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetProcAddress
SetStdHandle
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
InterlockedIncrement
InterlockedDecrement
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetLastError
SetHandleCount
GetStdHandle
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
GetConsoleOutputCP
MultiByteToWideChar
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
CloseHandle
FlushFileBuffers
gdi32
GetBoundsRect
winhttp
WinHttpConnect
msimg32
AlphaBlend
Sections
.text Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 433KB - Virtual size: 597KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ