Static task: static1

Behavioral task: behavioral1
Sample: 341d69cf4f5d9be493ebe9913f4150cf.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: 341d69cf4f5d9be493ebe9913f4150cf.exe
Resource: win10v2004-20220414-en
General
Target: 341d69cf4f5d9be493ebe9913f4150cf.exe
Size: 1.1MB
MD5: 341d69cf4f5d9be493ebe9913f4150cf
SHA1: b043c610bf6b1fea68701910870d439501d8f832
SHA256: ea315e9e65af9d1d95ac0636abde389107bb131f99e9eeac2dd16821be1ba888
SHA512: 50534e155760d2dde64e0737f90b63d35c1b0e3136007476d9e62b8eaf0bfb42225a57dc340c12e45a7346cdf56a857e403b4230d561b32991f1155f4d8294ab
SSDEEP: 24576:4VXkHFVZWV/V8mtK9RdYYu4LPqJseg4Bbh1Co:BjZm/V8qyY1sPAsh4Bbhd
Malware Config
Signatures
Files
341d69cf4f5d9be493ebe9913f4150cf.exe.exe windows x86
f2673d9c17d44833382f98a82bef63bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAdjustment
FindNextVolumeA
LeaveCriticalSection
GetNamedPipeHandleStateW
FileTimeToLocalFileTime
ExitProcess
GetCurrentProcessId
GetVersionExW
EnumDateFormatsExW
FillConsoleOutputCharacterA
EnumResourceNamesA
FindNextFileA
CopyFileExW
BuildCommDCBAndTimeoutsA
SetDefaultCommConfigA
WritePrivateProfileStructW
HeapSetInformation
CreateTimerQueue
ReadConsoleInputA
GetVersionExA
GetSystemDirectoryW
GetDriveTypeA
GetProcAddress
LoadLibraryA
GlobalAlloc
VerifyVersionInfoA
GetBinaryTypeA
GetProfileSectionW
InterlockedDecrement
ReadConsoleOutputCharacterA
FindFirstChangeNotificationW
FormatMessageW
SetDllDirectoryW
GetQueuedCompletionStatus
WritePrivateProfileStringA
GetConsoleAliasesLengthW
GetProcessHeap
OpenWaitableTimerA
UnlockFile
InterlockedIncrement
GetStartupInfoW
GetSystemWow64DirectoryW
GetConsoleAliasExesW
ContinueDebugEvent
EndUpdateResourceW
SetLastError
FatalAppExitA
SetSystemTime
OpenFileMappingA
lstrcmpW
TerminateThread
SetConsoleActiveScreenBuffer
SetDefaultCommConfigW
VirtualFree
InterlockedCompareExchange
GlobalUnfix
GetSystemWindowsDirectoryA
CopyFileW
TerminateProcess
GetACP
FindAtomA
lstrcatW
HeapWalk
SetMailslotInfo
CreateActCtxA
_lread
GetOverlappedResult
CreateNamedPipeW
GetAtomNameA
SetConsoleScreenBufferSize
EnumResourceTypesW
lstrlenA
EndUpdateResourceA
WriteConsoleA
VirtualProtect
lstrcpyA
ReadConsoleOutputA
SetThreadContext
BuildCommDCBW
ReleaseActCtx
GetStringTypeW
GetPrivateProfileStringW
GetFileAttributesW
GetVolumePathNameA
MoveFileW
SetCommMask
SetFileShortNameA
VerLanguageNameA
LockFile
EnumDateFormatsA
ProcessIdToSessionId
PostQueuedCompletionStatus
FreeConsole
GlobalGetAtomNameW
SetComputerNameA
GetConsoleAliasExesLengthW
WriteConsoleInputW
CreateMailslotA
TzSpecificLocalTimeToSystemTime
SetLocalTime
GetStringTypeExW
EnumSystemLocalesW
CallNamedPipeA
GetConsoleAliasExesLengthA
FindActCtxSectionGuid
CopyFileA
ResetWriteWatch
GetPrivateProfileIntW
GetModuleHandleW
GetTickCount
GetModuleFileNameA
OpenWaitableTimerW
GetConsoleAliasesLengthA
GlobalUnWire
FillConsoleOutputCharacterW
GetCompressedFileSizeW
SetThreadPriority
MapUserPhysicalPages
WriteConsoleOutputCharacterA
EnumDateFormatsW
QueryInformationJobObject
CreateFileW
GetDateFormatW
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetLastError
HeapDestroy
HeapCreate
HeapFree
WriteFile
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
GetConsoleOutputCP
CreateFileA
CloseHandle
FlushFileBuffers
Sections
.text Size: 146KB - Virtual size: 146KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 901KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 931KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ