Static task: static1
Behavioral task: behavioral1
Sample: 5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566.exe
Resource: win10v2004-20220414-en
General
- Target: 7500476132.zip
- Size: 385KB
- MD5: 0cec276fcb9669b772e3995fd29653a8
- SHA1: bf4e107761e572f3920676a20111547c945c246e
- SHA256: 8cd0262e8a1a7c54c00bdcabceca038d6608ebeba1c1dcf9de91b692245c89bb
- SHA512: ae3e99f76cbc1f68a32f870c8fba92b47467d5d877912f66046174b9661d17928fec579ae0efc305d6d394e1d613dd9825f909f2d78bf1c2b192144e965abdb2
- SSDEEP: 12288:+j05WOwvDmvtoLh70tbaisl0+Em7kP0mOSfLChMtRg:B5W9DStcAtd60Yk6UJc
Malware Config
Signatures
Files
- 7500476132.zip.zip
  Password: infected
- 5a9e1f1ec578f5ce610a2a830a63b07280688818088c7c2999a6f3f2a5d5f566.exe windows x86
  Password: infected
216df81b1ef7bc2aa8ec52bbeef137c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathAppendW
activeds
ord9
ord15
kernel32
CreateProcessW
GetSystemTime
lstrlenW
LocalFree
advapi32
CheckTokenMembership
CreateWellKnownSid
ole32
CoCreateInstance
CoSetProxyBlanket
Sections
.text Size: 896KB - Virtual size: 895KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 62KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 470B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ