Static task: static1
Behavioral task: behavioral1
Sample: f4f320fd3ca17e544dc33f90d02a769ecba5dec0f05cc08b9981dfc5a81900f8.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: f4f320fd3ca17e544dc33f90d02a769ecba5dec0f05cc08b9981dfc5a81900f8.exe
Resource: win10v2004-20220414-en
General
Target: f4f320fd3ca17e544dc33f90d02a769ecba5dec0f05cc08b9981dfc5a81900f8.exe
Size: 300KB
MD5: 6bf580ccfa8cdef620ba37082e5f7d66
SHA1: d0e590d8615e640cc563a5d6294df8278ae3f2e5
SHA256: f4f320fd3ca17e544dc33f90d02a769ecba5dec0f05cc08b9981dfc5a81900f8
SHA512: f6023345ca884ae4200748a17dc6f45e9001a2de5e09c278298968fd091c91f27c1ee6cfcc11b3934ed02b430a5e34d921aa4ff171db2e86656f0a0a2b49ca5e
SSDEEP: 6144:9r5VVMlTs1yyLWpgCtFRymt1DfKninWB1lDwv9lbz742oUA3r/z7m7Bi9EJDL:9dVVW99KninWB1xwrTVoUunSNi2x
Malware Config
Signatures
Files
f4f320fd3ca17e544dc33f90d02a769ecba5dec0f05cc08b9981dfc5a81900f8.exe.exe windows x86
6728da03e60bbe718ffacc65d5c92de9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLocaleInfoW
FindFirstVolumeA
GetNamedPipeHandleStateW
CompareFileTime
EnumResourceTypesA
EnumResourceNamesA
FillConsoleOutputCharacterA
GetTimeZoneInformation
TerminateThread
SetLastError
SetEvent
FindNextFileW
GetCompressedFileSizeW
CopyFileExW
BuildCommDCBAndTimeoutsA
QueryDepthSList
GetVersionExW
VerifyVersionInfoA
ReadConsoleOutputCharacterA
SetDefaultCommConfigW
VerLanguageNameA
EscapeCommFunction
WritePrivateProfileStructA
FreeEnvironmentStringsA
CreateTimerQueue
FindNextVolumeMountPointA
ResetWriteWatch
WriteConsoleInputA
SetComputerNameExA
FindAtomW
GlobalDeleteAtom
GetThreadPriority
CallNamedPipeW
GetDriveTypeA
BuildCommDCBAndTimeoutsW
VirtualProtect
LocalAlloc
GetProfileSectionA
GetCommandLineA
InterlockedExchange
FindFirstChangeNotificationW
GetCalendarInfoA
ReleaseActCtx
FindResourceA
FormatMessageA
SetDllDirectoryW
GetModuleHandleW
WritePrivateProfileStringA
GetUserDefaultLangID
TerminateProcess
GlobalFix
HeapValidate
InterlockedCompareExchange
GetStartupInfoA
WriteProfileSectionW
SetCalendarInfoW
DebugBreak
SetConsoleTextAttribute
GetLastError
CopyFileA
DisconnectNamedPipe
WriteProfileSectionA
GetSystemWow64DirectoryW
SetConsoleCursorPosition
ContinueDebugEvent
InterlockedExchangeAdd
GetACP
CreateActCtxW
GetConsoleAliasA
OutputDebugStringW
lstrlenA
WriteConsoleA
GetPrivateProfileSectionNamesA
GlobalWire
FormatMessageW
lstrcatA
EnumCalendarInfoA
SetThreadAffinityMask
VerSetConditionMask
SetConsoleCP
GetSystemWindowsDirectoryA
GetProfileStringW
GetQueuedCompletionStatus
AllocConsole
GlobalGetAtomNameW
SetComputerNameW
GetConsoleAliasExesLengthA
WriteConsoleInputW
CreateMailslotW
GetCommState
MoveFileWithProgressA
GetSystemTimeAdjustment
_lwrite
_lopen
EnumSystemLocalesW
GetConsoleAliasExesLengthW
MoveFileA
GetWriteWatch
GetPrivateProfileStringA
GetModuleHandleA
DeleteAtom
EnumDateFormatsA
LoadLibraryW
WriteConsoleOutputCharacterA
TlsFree
GetComputerNameW
GetConsoleAliasesLengthA
CancelDeviceWakeupRequest
AreFileApisANSI
OpenWaitableTimerW
OpenFileMappingW
SetProcessAffinityMask
GetConsoleAliasesLengthW
SetProcessShutdownParameters
FindNextVolumeMountPointW
SetThreadPriority
ReadConsoleW
WriteConsoleOutputCharacterW
GetNumberFormatW
GetConsoleAliasExesA
GetBinaryTypeA
EnterCriticalSection
InitializeCriticalSection
GetCPInfoExW
LoadLibraryA
DeleteFileA
RaiseException
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetProcAddress
SetStdHandle
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
InterlockedIncrement
InterlockedDecrement
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
GetConsoleOutputCP
MultiByteToWideChar
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
CloseHandle
FlushFileBuffers
gdi32
GetCharWidthA
winhttp
WinHttpConnect
msimg32
AlphaBlend
Sections
.text Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 72KB - Virtual size: 236KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ