Static task: static1
Behavioral task: behavioral1
Sample: e76f20c61fd3a8c306a2e4901d864033df9a3bbde6d06420ebabaf13340d1311.exe
Resource: win7-20220414-en
General
Target: e76f20c61fd3a8c306a2e4901d864033df9a3bbde6d06420ebabaf13340d1311
Size: 5.0MB
MD5: 06bb2fc76d08b831f2fa9513ed6cd830
SHA1: fa7e1b51e49ef679babefbf8ec36e6063ac30bbe
SHA256: e76f20c61fd3a8c306a2e4901d864033df9a3bbde6d06420ebabaf13340d1311
SHA512: 4f220527b791acb1b6909b99b0630d50fc1ca7816a3f36feb9eab0b402f2ac33570c32247f38d936afb4da1878e08983d465e261996caf9a2342609a0b95cb2c
SSDEEP: 98304:bJTsIjGrJGgqbMaOzGmRwlwpgstuzqxFfItUKDafYYKD1qm79Pjytu5VNf:bJKGsaPmRw8AtUKDDD15JPjl
Malware Config
Signatures
Files
e76f20c61fd3a8c306a2e4901d864033df9a3bbde6d06420ebabaf13340d1311.exe windows x86
226f2e16f054980caf4cc3621de9f3df
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DebugActiveProcess
GetEnvironmentVariableW
FillConsoleOutputCharacterA
HeapReAlloc
GetNativeSystemInfo
WritePrivateProfileStructA
DebugActiveProcessStop
GetDefaultCommConfigW
FindResourceW
WaitNamedPipeA
WaitForSingleObject
SetTapeParameters
GetModuleHandleW
GetTickCount
ExpandEnvironmentStringsA
ReadConsoleW
FormatMessageA
EnumTimeFormatsA
EnumTimeFormatsW
GetSystemDirectoryW
GetFirmwareEnvironmentVariableA
GetStringTypeExW
IsProcessorFeaturePresent
GetVolumePathNamesForVolumeNameW
ReplaceFileW
CreateMailslotW
WritePrivateProfileStringW
EnumSystemLocalesA
VerifyVersionInfoW
GetProfileIntA
Module32First
GetProcAddress
GetLongPathNameA
DefineDosDeviceW
HeapUnlock
MoveFileW
CreateFileMappingA
LocalAlloc
FindFirstVolumeMountPointW
OpenEventA
GetProfileStringA
SetLocaleInfoW
CancelIo
WriteProfileStringW
MoveFileWithProgressW
GetConsoleProcessList
ExpandEnvironmentStringsW
CreateFileW
FlushFileBuffers
GetStringTypeW
WriteConsoleW
EncodePointer
DecodePointer
GetCommandLineA
RaiseException
RtlUnwind
IsDebuggerPresent
GetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapFree
HeapAlloc
SetLastError
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateSemaphoreW
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringW
SetStdHandle
CloseHandle
user32
RealGetWindowClassA
ToUnicode
GetMenuBarInfo
Sections
.text Size: 165KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ