Static task: static1
Behavioral task: behavioral1
Sample: 2d73c692a7022cb1909ff198b88c9a9681adec2a26808502e111990606d10874.exe
Resource: win7-20220414-en
General
Target: 2d73c692a7022cb1909ff198b88c9a9681adec2a26808502e111990606d10874
Size: 122KB
MD5: 6d67aed7eba8993f593ffe6d319bd3d0
SHA1: 2fbe69f4e179d6febd94e6b69020ab5b2c1f0772
SHA256: 2d73c692a7022cb1909ff198b88c9a9681adec2a26808502e111990606d10874
SHA512: 54ebf544e3f1d5daa4d4274c3e16956f4064527bc7c3c59aa7636d2879ea63900a3d7c05e24bf4d2680cc28117732055f343d38bde494f07ea775b5c3ff44daa
SSDEEP: 3072:5PZGhVnzRB9iYAWGR1hIgRxEsXsMQ6ulWtzEUhUGTly:6HzRB9iYSDhIYxxQWtznhZTly
Malware Config
Signatures
Files
2d73c692a7022cb1909ff198b88c9a9681adec2a26808502e111990606d10874.exe (windows x86)
b4d1db645d2790b13faf5b33e642b7dd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdsapi
DsReplicaSyncA
DsListRolesA
DsFreeDomainControllerInfoA
msvcrt
_itoa
mblen
fwrite
iswalpha
setvbuf
memcpy
printf
labs
localeconv
isupper
user32
SetWindowTextA
DrawFocusRect
GetShellWindow
GetClassNameA
GetWindowRect
GetDesktopWindow
FindWindowW
CopyRect
wsprintfA
GetDlgCtrlID
comdlg32
CommDlgExtendedError
GetOpenFileNameA
PrintDlgW
GetFileTitleA
PageSetupDlgW
mprapi
MprAdminMIBEntrySet
shell32
Shell_NotifyIconA
DragAcceptFiles
SHEmptyRecycleBinW
SHInvokePrinterCommandW
ExtractIconW
SHQueryRecycleBinW
ExtractAssociatedIconA
ShellAboutA
Shell_NotifyIconW
SHInvokePrinterCommandA
urlmon
URLOpenBlockingStreamA
SetSoftwareUpdateAdvertisementState
RegisterFormatEnumerator
setupapi
SetupInstallServicesFromInfSectionExW
SetupSetFileQueueAlternatePlatformA
SetupDiGetClassDescriptionW
SetupCommitFileQueueW
SetupLogFileA
oleaut32
VarBstrCmp
kernel32
LocalAlloc
InterlockedExchange
LoadLibraryA
LocalFree
GetProcAddress
lstrcatA
GetBinaryTypeA
GetModuleFileNameA
ReadProcessMemory
GetCurrentProcess
GetModuleHandleA
GetTickCount
GetCommandLineW
ExitProcess
GetCurrentThreadId
GetCurrentThread
OpenFile
IsBadReadPtr
GetVolumeInformationW
CopyFileW
SetDefaultCommConfigA
FindVolumeMountPointClose
GetCommMask
GetStartupInfoW
IsBadCodePtr
lstrlenA
GetThreadContext
CreateEventW
LCMapStringA
FillConsoleOutputCharacterA
CallNamedPipeA
TransmitCommChar
GetLastError
GetBinaryTypeW
WriteTapemark
IsDBCSLeadByte
FreeLibrary
MoveFileWithProgressW
InitializeCriticalSection
FormatMessageA
SetConsoleTitleA
GetLogicalDriveStringsW
LocalFlags
DeactivateActCtx
WaitCommEvent
EnumCalendarInfoExW
GetQueuedCompletionStatus
CreateProcessW
FindResourceA
ReadConsoleOutputA
TlsSetValue
RaiseException
VirtualQuery
EnumResourceNamesW
SetHandleCount
GetCommTimeouts
GlobalAddAtomA
lstrcpyW
GetLocaleInfoA
ole32
DoDragDrop
SNB_UserSize
OleConvertIStorageToOLESTREAMEx
ReleaseStgMedium
CoRevokeMallocSpy
StgConvertPropertyToVariant
imm32
ImmReleaseContext
ImmGetDefaultIMEWnd
ImmGetImeMenuItemsW
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.crt1 Size: 512B - Virtual size: 10B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE