Static task: static1
Behavioral task: behavioral1
  Sample: 19b7db1755e444c14ee0ac7c439e78fce09a29772ac5d9456fee873145f1b441.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 19b7db1755e444c14ee0ac7c439e78fce09a29772ac5d9456fee873145f1b441.exe
  Resource: win10v2004-20220414-en
General
Target: 19b7db1755e444c14ee0ac7c439e78fce09a29772ac5d9456fee873145f1b441
Size: 216KB
MD5: c234119dd7a60c83cee311446605ff57
SHA1: 6103a6d76359340a399fc2aa77ab1f62125a8703
SHA256: 19b7db1755e444c14ee0ac7c439e78fce09a29772ac5d9456fee873145f1b441
SHA512: 05a7de1bd27d28e5da2c8b1933adeb4c66fbebddecfeda9099ef6c6f7f4f1138cdf0863214f3245463cfd6330665b0613cdf8219fbab9b2d49f83e9ad1849ef8
SSDEEP: 3072:sNux7KlxUJh+JMXOkJ5bw/eIAyqM0ZRxzWebRQyKa6b0qCStX:sqmJM+V/eIAhM0zxiebIb4
Malware Config
Signatures
Files
19b7db1755e444c14ee0ac7c439e78fce09a29772ac5d9456fee873145f1b441.exe (windows x86)
9db08d7deeacc6576bf88f8280ba671f
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
LookupPrivilegeValueA
GetTokenInformation
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
AdjustTokenPrivileges
SetServiceStatus
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken
FreeSid
AllocateAndInitializeSid
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32
GetThreadLocale
GetVersionExA
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
SetFileAttributesA
GetFileAttributesA
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RtlUnwind
GetProcessHeap
GetStartupInfoW
RaiseException
ExitProcess
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
GlobalGetAtomNameA
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetVersion
GetCurrentThread
DuplicateHandle
PeekNamedPipe
GetExitCodeProcess
GetEnvironmentVariableA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
HeapSize
OpenMutexA
CreateMutexA
MoveFileExA
GetCurrentProcessId
GetFileTime
GetCurrentDirectoryA
Sleep
GetModuleFileNameA
GetSystemInfo
GetTempPathA
CompareStringA
lstrlenA
VirtualProtect
GlobalFlags
lstrcmpA
SetStdHandle
SetLastError
SizeofResource
LockResource
GetCurrentThreadId
CloseHandle
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FindResourceA
LoadResource
user32
PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameA
PtInRect
GetWindowTextA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSysColorBrush
GetSysColor
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetWindowRect
comctl32
ord17
ImageList_BeginDrag
ImageList_DragLeave
_TrackMouseEvent
oleaut32
VariantInit
VariantClear
VariantChangeType
gpedit
CreateGPOLink
DeleteGPOLink
ImportRSoPData
BrowseForGPO
gdi32
ExtTextOutA
SaveDC
RestoreDC
SetTextColor
SetMapMode
SetBkColor
PtVisible
RectVisible
TextOutA
GetClipBox
CreateBitmap
DeleteObject
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text  - Size: 172KB - Virtual size: 170KB - Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data  - Size: 8KB - Virtual size: 3.0MB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  - Size: 4KB - Virtual size: 1KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc - Size: 28KB - Virtual size: 27KB - Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ