Static task
static1
Behavioral task
behavioral1
Sample
2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59.exe
Resource
win7-20220414-en
General
Target
2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59
Size
344KB
MD5
6f93d14cf03f1b099d378cfa87e5d9ab
SHA1
00dfb5e64b1f5cfb1995562f91ad690ed19659b0
SHA256
2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59
SHA512
cd6ea17bf7b038978771552905100d0fa51a899214b21c322ea5aa3550a0c7501cf0b792dea78b22ae94120c369cbf42e3003c2196acb923163288d46268c789
SSDEEP
3072:M/v5RNGAFoMBmip7wtj1ThsLh6sAfFixKi6/lLmr3WX1VD9GRpPImDNz+jfx:y5RNReipcxsLh6jIKiSJCWX1VIxjpi
Files
2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59.exe windows x86
8aac1122ff871b5d993d789bd545bfe0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
CreateEventA
FileTimeToSystemTime
GetVersion
GetVolumeInformationA
GetModuleFileNameA
Sleep
VirtualProtectEx
CompareStringW
CreateFileW
GetDateFormatA
WriteConsoleW
GetProcessHeap
SetEndOfFile
HeapSize
LoadLibraryW
LCMapStringW
HeapReAlloc
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleHandleA
GetVersionExA
OpenProcess
GetSystemTime
CreateFileA
QueryPerformanceCounter
SetStdHandle
GetStringTypeW
RaiseException
GetCurrentProcessId
GetTickCount
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
WriteFile
ExitProcess
IsProcessorFeaturePresent
HeapAlloc
GetTimeZoneInformation
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
InterlockedDecrement
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
GetTimeFormatA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
ReadFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetFilePointer
HeapFree
CloseHandle
RtlUnwind
TlsAlloc
SetEnvironmentVariableA
user32
SetWindowLongA
InflateRect
GetDoubleClickTime
EndDeferWindowPos
ExitWindowsEx
IntersectRect
CreateWindowExA
LoadIconA
DialogBoxIndirectParamA
SetMenuItemInfoA
CallWindowProcA
GetAncestor
IsWindow
SetScrollInfo
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
AddPrinterConnectionA
comctl32
ImageList_ReplaceIcon
ImageList_DragShowNolock
comdlg32
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ole32
OleUninitialize
OleSetContainedObject
OleInitialize
shlwapi
PathRemoveBackslashA
StrStrIA
PathStripPathA
PathRemoveBlanksA
msacm32
acmDriverAddA
acmDriverClose
acmDriverDetailsA
acmDriverEnum
acmDriverID
acmDriverMessage
acmDriverOpen
acmDriverPriority
acmDriverRemove
acmFilterChooseA
acmFilterDetailsA
acmFilterEnumA
acmFilterTagDetailsA
acmFilterTagEnumA
acmFormatChooseA
acmFormatDetailsA
acmFormatEnumA
acmFormatSuggest
acmFormatTagDetailsA
acmFormatTagEnumA
acmGetVersion
Sections
.text Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 122KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ