Bewalk
Static task
static1
Behavioral task
behavioral1
Sample
r6x7x6rf.dll
Resource
win7-20220414-en
General
Target
r6x7x6rf.zipgiqgpocg
Size
864KB
MD5
d51dfce479bc8731a7489fabec3538c6
SHA1
4c45a11b9d18b243d5f7c9183cf316e6d545212d
SHA256
c83b1f21b3c13741c8047162999e5c60b7360342713f095719b22837eae0b01d
SHA512
f30007eb503775c908a2b4406f5c763257cf28c5935f7d9b74fab532ba299447e5c11470beb1fbfa773b92b92011e10b87948f91e715c60ac08517d808d48e57
SSDEEP
12288:hkhQ3apnb9b8pZ8F9wWQ9NvT5weZjo84ysnTw1voqnBYwq6cXT953tRNY:hkqqpnbd9wWSGwj7/sM1g/wxcD95Z
Malware Config
Signatures
Files
r6x7x6rf.zipgiqgpocg.dll windows x86
cba5c901c2b411c5a4358cd6db7672ce
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
GetProcessHeap
SetSystemPowerState
FormatMessageW
GetCPInfo
VirtualProtect
Sleep
GetSystemDirectoryW
FindFirstChangeNotificationW
GetTempPathW
VirtualProtectEx
FlushFileBuffers
RaiseException
HeapValidate
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
GetModuleFileNameW
SetUnhandledExceptionFilter
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleA
ExitProcess
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
WriteFile
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
RtlUnwind
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
CloseHandle
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Exports
Sections
.text Size: 556KB - Virtual size: 554KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 276KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ