Static task
static1
Behavioral task
behavioral1
Sample
1e53c04cd46f339b05a6997303f5befc4efc0de76875abe0180fc27d7fe7322d.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1e53c04cd46f339b05a6997303f5befc4efc0de76875abe0180fc27d7fe7322d.exe
Resource
win10v2004-20220414-en
General
Target
1e53c04cd46f339b05a6997303f5befc4efc0de76875abe0180fc27d7fe7322d
Size
482KB
MD5
f7f9c6d6ca43fe06303cc2dbd0456742
SHA1
2d505875b4e120306259a11dc9f7e4f24030dbc2
SHA256
1e53c04cd46f339b05a6997303f5befc4efc0de76875abe0180fc27d7fe7322d
SHA512
74bafab7303ee85c1e76d82ee27e86ad6df6bbbbca56ffd6f868260c3fc40feeb7152641e12b0c4841633601b818109c7a4c6792570998404dbc8c50255712d1
SSDEEP
6144:qaX3Btyeh9P9BGlYTSHgLuQO6ppQEg3Mcrt9taD03QK0Q4xsIGVKoOTaExPQ6T:rnBt1h9PmDHezO2p+3MKuC0Qlkr
Malware Config
Signatures
Files
1e53c04cd46f339b05a6997303f5befc4efc0de76875abe0180fc27d7fe7322d.exe windows x86
e84e7cfccc024d1e531fc63e57eb05c8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetMenuDefaultItem
GetKeyboardLayoutList
GetDlgCtrlID
LoadStringW
FindWindowW
EnableScrollBar
GetQueueStatus
EndDialog
KillTimer
TranslateMessage
IsDialogMessageW
LoadIconW
GetDlgItem
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
CreateDialogParamW
SetDlgItemTextW
SendMessageW
UpdateWindow
DispatchMessageW
CharNextW
shell32
CommandLineToArgvW
SHGetFolderPathW
SHCreateDirectoryExW
ole32
CLSIDFromString
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
advapi32
RegSetValueExW
gdi32
GetObjectW
SetTextColor
GetClipBox
RoundRect
GetDeviceCaps
GetAspectRatioFilterEx
PolylineTo
CreateFontIndirectW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
kernel32
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
QueryPerformanceCounter
GetModuleFileNameA
GetStdHandle
WriteFile
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
LoadLibraryA
RtlUnwind
GetLocaleInfoW
HeapSize
FreeEnvironmentStringsA
FlushFileBuffers
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
TlsGetValue
GetProcAddress
SizeofResource
FreeLibrary
GetCurrentProcess
WaitForSingleObject
OutputDebugStringW
GetModuleHandleW
LoadLibraryW
FindResourceW
CreateMutexW
GetLocalTime
SetFilePointer
ResumeThread
CreateFileMappingW
IsWow64Process
MapViewOfFile
GetEnvironmentVariableW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
GetCPInfo
HeapFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
ExitProcess
Sections
.text Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 371KB - Virtual size: 522KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ