Static task
static1
Behavioral task
behavioral1
Sample
2c25565a6d02c36444f03c5ba87205130bafd23d6eda9d00c6968c1a58c36827.exe
Resource
win7-20220414-en
General
Target
2c25565a6d02c36444f03c5ba87205130bafd23d6eda9d00c6968c1a58c36827
Size
480KB
MD5
78f1cbb6aaa045d1c0a3c37f066681f0
SHA1
83a03fc6f5fe30c4e2c9c6bdebc709631043d5c8
SHA256
2c25565a6d02c36444f03c5ba87205130bafd23d6eda9d00c6968c1a58c36827
SHA512
b03c9cb9862cfd556339c7bc1293a61ca7e31b0115aa266b1ba904c53aabaf2158f49bf6c91a071a56448d357f4650bec10e5e65e0b04f32aa8072dd86fabce1
SSDEEP
6144:cLe/kcAjc0M/9M7cAD+n1HsYLAMex2OExaQTUGWKEeF7Humkkkf:cLe/GO/q7cH1Hk5m0QTUGWqF7OVk
Malware Config
Signatures
Files
2c25565a6d02c36444f03c5ba87205130bafd23d6eda9d00c6968c1a58c36827.exe windows x86
117e69a6bac830288e338b0640a0e04a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
GetEnvironmentVariableA
GetVolumeInformationA
GetModuleHandleA
OpenProcess
Sleep
CreateFileA
GetSystemDirectoryA
GetVersionExA
GetDateFormatA
GetWindowsDirectoryA
GetLocalTime
GetProcessHeap
GetSystemTimeAsFileTime
GetSystemTime
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
VirtualProtect
RtlUnwind
RaiseException
GetLastError
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
HeapAlloc
HeapValidate
GetSystemInfo
GetModuleHandleExW
ExitProcess
GetStdHandle
WriteFile
GetACP
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetFileType
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
CreateThread
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineA
GetCommandLineW
FindClose
FindFirstFileExA
FindNextFileA
SetStdHandle
ReadConsoleW
CreateFileW
InitializeSListHead
GetModuleFileNameA
advapi32
SystemFunction036
Sections
.text Size: 448KB - Virtual size: 447KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 15.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ