Static task: static1
Behavioral task: behavioral1
Sample: ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d.exe
Resource: win10v2004-20220414-en
General
Target: ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d
Size: 2.8MB
MD5: 7c59b7e996ff2c53ff916e7ae9208618
SHA1: 8dd9b9b17ec3759c430346bfc961d79d1e32b2a2
SHA256: ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d
SHA512: 3d3d8d8d9edf5f08c6ab041677f47b7ee8fb04f3f819bd3872f522bb713440e173354d9e16a780bd0d4867cb78edfaab47da73423338a547e1ff36724c3f94a0
SSDEEP: 49152:Y9haBlP3fa0UZGSXl7I4wM1N4aXQ25UbjSdO/48A1F0ll1BZjPozmQqSsSEXJZWA:6UzUZG4lM4wM16aAbjSfh1F0l3zoyLSe
Malware Config
Signatures
Files
ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d.exe windows x86
8b70a799ff5cf89012d0a76d71670a31
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
CreateFileA
DeviceIoControl
GlobalMemoryStatus
GetLastError
GetSystemDEPPolicy
GetModuleHandleW
CreateActCtxA
GetConsoleWindow
GetModuleFileNameA
SetPriorityClass
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
CreateThread
GetComputerNameA
FreeLibrary
CreateFileMappingA
MapViewOfFile
GetLocalTime
GetTickCount
Sleep
LoadLibraryA
GetCurrentThreadId
TerminateThread
WaitForSingleObject
WideCharToMultiByte
MultiByteToWideChar
VirtualFree
VirtualAlloc
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
OpenProcess
GetModuleHandleA
GetProcAddress
CloseHandle
ActivateActCtx
user32
TranslateMessage
GetMessageW
ShowWindow
SetLayeredWindowAttributes
UpdateWindow
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
RegisterClassW
LoadCursorW
CallWindowProcA
DefWindowProcW
MoveWindow
DispatchMessageW
GetCursorPos
GetWindowRect
DrawTextA
GetWindowLongW
GetDC
GetWindowTextA
EnumDisplayDevicesA
SendMessageW
SendMessageA
GetClientRect
MessageBoxA
GetAsyncKeyState
gdi32
CreatePen
GetObjectW
CreateCompatibleDC
CreateSolidBrush
StretchBlt
Rectangle
SetBkColor
SetTextColor
LineTo
SelectObject
MoveToEx
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
ws2_32
socket
closesocket
send
WSAGetLastError
htons
connect
WSAStartup
recv
msvcrt
fgets
vsprintf
__wgetmainargs
_cexit
_exit
exit
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
sscanf
tolower
remove
fprintf
fopen
rand
sprintf
free
malloc
strstr
_localtime64
_XcptFilter
fclose
_stricmp
_ftol2_sse
memcpy
memset
comctl32
InitializeFlatSB
FlatSB_SetScrollProp
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 776KB - Virtual size: 2.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE