Static task: static1
Behavioral task: behavioral1
Sample: ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7.exe
Resource: win10v2004-20220414-en
General
Target: ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7
Size: 527KB
MD5: e0804b5d4735af8595cf296545bb5f01
SHA1: 05d5089042faf5a4661b53ad6a3147d7d457820d
SHA256: ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7
SHA512: 961bcfe8ee675408e896a53252ff6389ca843e75622685cbb75fe55c290f136c4b1724c074cce86883f16c56491facbe6a82afd11dace6db6799a72b202e569b
SSDEEP: 12288:s16nvyO/q4kg8pvH1FPv561ZSxGG0YTsp2GpjprYgn:s19CkgUt5v5U4GaGpug
Malware Config
Signatures
Files
ea3a2f4ccb1575a21c790e37aca831bed210b9860eb72dad7879d8bea7b99dd7.exe windows x86
852644758b98b937a9bc47a71cd3fb7e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalUnlock
HeapReAlloc
AllocConsole
FindResourceExW
WriteTapemark
SetConsoleTextAttribute
InterlockedDecrement
WaitNamedPipeA
GetCurrentProcess
SetEvent
SleepEx
GetModuleHandleW
GetTickCount
GenerateConsoleCtrlEvent
GetConsoleTitleA
ReadConsoleW
WriteFile
FindActCtxSectionStringA
ActivateActCtx
FreeConsole
SetConsoleCP
GetFileAttributesA
VerifyVersionInfoA
ReadFile
lstrlenW
GetProcAddress
AttachConsole
LoadLibraryA
LocalAlloc
SetConsoleCtrlHandler
HeapLock
SetConsoleWindowInfo
WaitForMultipleObjects
GetModuleFileNameA
SetConsoleTitleW
GetPrivateProfileSectionA
DeleteCriticalSection
SetFileShortNameA
EndUpdateResourceA
GetCurrentProcessId
CommConfigDialogW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
CloseHandle
ExitProcess
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSectionAndSpinCount
CreateFileA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
SetFilePointer
SetEndOfFile
GetProcessHeap
WriteConsoleA
winhttp
WinHttpGetDefaultProxyConfiguration
WinHttpCloseHandle
WinHttpOpen
Sections
.text Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 334KB - Virtual size: 73MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.huf Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.row Size: 1024B - Virtual size: 626B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kigoj Size: 1024B - Virtual size: 963B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ