Static task: static1
Behavioral task: behavioral1
Sample: 1df5bbc1cff3a247d6c3c11980b0118986e74e17e7f3836b3dea87e6f09545e9.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 1df5bbc1cff3a247d6c3c11980b0118986e74e17e7f3836b3dea87e6f09545e9.exe
Resource: win10v2004-20220414-en
General
Target: 1df5bbc1cff3a247d6c3c11980b0118986e74e17e7f3836b3dea87e6f09545e9
Size: 459KB
MD5: ad75aa67ed2a0092901c74856ccf26d8
SHA1: 2eb24c6044442e90cf309cee62e7acc989e47405
SHA256: 1df5bbc1cff3a247d6c3c11980b0118986e74e17e7f3836b3dea87e6f09545e9
SHA512: aa15086950eb5e4aa342a21f3e7b2d684fd151e78f99e6cda920e086591a95cbcb0f1eb1fb4600e7d6562429e120fb8376b3ed8d2b852ec77ae81d330a2563ff
SSDEEP: 6144:O8m6ZyU1LkB5lNj8/qh1PyaaDjIATOz9IFM8K81pWlC7MQf6JgE5LbBy:OP6Zp1LEfqqryMEaIFfK81pmC7MQfFy
Malware Config
Signatures
Files
1df5bbc1cff3a247d6c3c11980b0118986e74e17e7f3836b3dea87e6f09545e9.exe windows x86
5e252069dfd948891bd703ff97e041d6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
UpdateWindow
LoadCursorW
RegisterClassExW
SetWindowLongW
EndDialog
CreateWindowExW
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
GetWindowLongW
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
GetParent
MapWindowPoints
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
shell32
SHChangeNotify
SHBrowseForFolderW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHGetPathFromIDListW
ShellExecuteExW
ole32
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
OleUninitialize
CLSIDFromString
advapi32
RegSetValueExW
RegOpenKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegCreateKeyExW
AdjustTokenPrivileges
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
gdi32
CreateCompatibleDC
SelectObject
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
DeleteObject
StretchBlt
comctl32
InitCommonControlsEx
kernel32
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LeaveCriticalSection
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
EnterCriticalSection
VirtualAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleFileNameA
LCMapStringA
DeleteCriticalSection
SystemTimeToFileTime
GetProcAddress
GetNumberFormatW
GetLastError
SetLastError
CloseHandle
GetCurrentProcess
SetFileTime
MoveFileW
SetFilePointer
SetEndOfFile
GetFileType
CreateFileA
GetCurrentDirectoryW
CreateFileW
ReadFile
GetStdHandle
WriteFile
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
FreeLibrary
LoadLibraryW
SetCurrentDirectoryW
GetCPInfo
IsDBCSLeadByte
CompareStringW
GetSystemTime
LocalFileTimeToFileTime
OpenFileMappingW
SetEnvironmentVariableW
CreateFileMappingW
GetCommandLineW
MapViewOfFile
UnmapViewOfFile
MoveFileExW
GetTempPathW
GetExitCodeProcess
Sleep
WaitForSingleObject
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
GetDateFormatW
DosDateTimeToFileTime
SetFileAttributesW
GetLocaleInfoW
ExitProcess
CompareStringA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetModuleHandleW
FindResourceW
GetModuleFileNameW
MultiByteToWideChar
GetFullPathNameW
GetFullPathNameA
GetVersionExW
GlobalAlloc
WideCharToMultiByte
GetTickCount
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryW
CreateDirectoryA
DeleteFileA
DeleteFileW
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
Sections
.text Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 382KB - Virtual size: 533KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 528B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ