Static task: static1
Behavioral task: behavioral1
Sample: 5e75e5f1599859fa86b36ede416b1ce5966db6e420b6c9729101ce4f7117d924.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 5e75e5f1599859fa86b36ede416b1ce5966db6e420b6c9729101ce4f7117d924.exe
Resource: win10v2004-20220414-en
General
Target: 5e75e5f1599859fa86b36ede416b1ce5966db6e420b6c9729101ce4f7117d924
Size: 349KB
MD5: 178bcec8232631020ce5c7c0787dbaaf
SHA1: c9c73fe7b8f081824c31c4cc7a626ce79b21c036
SHA256: 5e75e5f1599859fa86b36ede416b1ce5966db6e420b6c9729101ce4f7117d924
SHA512: bc005fae9269340c3e1e91445cda05e9c1343c39888f5f55d4ea905ea38aa01f55e60e819dbaa160d3dc30dc1ca8a3cfe9c334da23470a3f338e099653bc33da
SSDEEP: 6144:8mHmiFMmLVyCq/1GgeAXNPwvHnW6BhYitYiw0P:8mzFMmUCYeYwvHW6BhHtY0
Malware Config
Signatures
Files
5e75e5f1599859fa86b36ede416b1ce5966db6e420b6c9729101ce4f7117d924.exe windows x86
3bcc274d87d54e63c60178c42ea51957
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateActCtxA
HeapUnlock
GlobalAlloc
GetModuleHandleA
InterlockedCompareExchange
AddRefActCtx
WaitNamedPipeW
GetTickCount
GetPrivateProfileSectionW
CancelDeviceWakeupRequest
EnterCriticalSection
LocalFree
WriteFile
ReadProcessMemory
OpenEventW
SetEvent
GetModuleFileNameW
SetConsoleTitleW
AllocConsole
LoadLibraryA
GetSystemWindowsDirectoryW
GetWindowsDirectoryA
WriteConsoleW
CommConfigDialogW
lstrcpynA
GetFileAttributesW
HeapAlloc
GetAtomNameW
HeapCompact
GetSystemDefaultLCID
GetConsoleAliasW
VirtualAlloc
CreateMailslotW
GetCPInfoExW
SetEnvironmentVariableW
CommConfigDialogA
GetConsoleAliasesLengthW
GetFileAttributesExW
SetCalendarInfoA
HeapLock
ReleaseMutex
WaitForSingleObject
lstrlenW
GetConsoleTitleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetStartupInfoW
GetLastError
HeapFree
GetProcAddress
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetFilePointer
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
CloseHandle
Sleep
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
CreateFileA
advapi32
RegQueryValueExW
Sections
.text Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 111KB - Virtual size: 672KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ