Static task: static1
Behavioral task: behavioral1
  Sample: a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d.exe
  Resource: win10v2004-20220414-en
General
Target: a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d
Size: 557KB
MD5: 11db2be72948149d039223e80f20c7bb
SHA1: f3c8ad546a0830a6d5eae197ef812479b1520696
SHA256: a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d
SHA512: 38457af6ec05d23d5851ec2f7d7f0e281fd9634df2d44a50db1a75c73c4e8c42bacfd7e77445f83a981e479dbb1cd27250f450900d05bef37f701f590c7bc91a
SSDEEP: 12288:NxbusqTg4e61ZyhuzYzh/Sxii5d9munj:NxiTF1ZyMzFd91
Malware Config: none listed
Signatures: none listed
Files
a352d00e0322a0e397f167c1164f7667c672935ba14d29c4f4b60f26d0a88f5d.exe (windows x86)
b6d7905d70e481089e212affbfa01ac8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVolumeNameForVolumeMountPointW
SetEnvironmentVariableA
SetStdHandle
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
LCMapStringW
CompareStringW
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
RtlUnwind
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ReadFile
GetStartupInfoW
LoadLibraryExW
OutputDebugStringW
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentDirectoryA
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
HeapSize
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetProcAddress
ExitProcess
RaiseException
GetCommandLineA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
HeapAlloc
HeapFree
DecodePointer
EncodePointer
WriteFile
FindNextFileA
SetFileApisToOEM
VirtualAlloc
FindFirstFileA
GetModuleFileNameW
GetFileAttributesA
CreateEventA
OpenProcess
FormatMessageA
ConnectNamedPipe
CreateProcessW
lstrlenA
FindResourceA
ReleaseMutex
CreateMutexW
SetFileTime
SetFilePointer
GetFileSize
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetLogicalDrives
CreateDirectoryW
GetCurrentProcess
MoveFileExW
FindFirstFileW
VirtualQuery
GetVolumeInformationW
LocalFree
GetCommandLineW
CreateThread
ResumeThread
SuspendThread
GetFileTime
FlushFileBuffers
CreateFileW
CloseHandle
GetCurrentThreadId
GetLocalTime
GetLastError
FormatMessageW
Sleep
GetTickCount
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleA
user32
SetFocus
SetWindowPos
ScreenToClient
CreateWindowExW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
SendMessageW
GetWindowRect
DestroyWindow
CreateWindowExA
SetMenuItemInfoW
DestroyMenu
CreatePopupMenu
AppendMenuW
CreateAcceleratorTableW
EndPaint
ClientToScreen
EnumDisplaySettingsExA
SetActiveWindow
InsertMenuItemA
PostQuitMessage
GetKeyNameTextA
GetSubMenu
CreateMenu
LoadMenuA
LoadIconA
wsprintfA
DrawIcon
FindWindowW
GetWindowTextLengthA
SendMessageA
BeginPaint
GetDC
DrawFocusRect
GetForegroundWindow
OffsetRect
GetWindowTextA
SetWindowLongA
GetWindowLongA
LoadBitmapA
SetScrollPos
EnableMenuItem
GetDlgItem
DefWindowProcA
GetCursorPos
GetSysColorBrush
IsDlgButtonChecked
IsWindow
SetCaretBlinkTime
LoadImageA
UpdateWindow
EnumDisplayDevicesA
GetWindowThreadProcessId
MoveWindow
TranslateAcceleratorW
LoadImageW
LoadCursorW
GetClientRect
TranslateMessage
IsDialogMessageW
RegisterClassExW
MessageBoxA
SystemParametersInfoW
PeekMessageW
GetDesktopWindow
ShowWindow
GetSystemMetrics
DefWindowProcW
DispatchMessageW
PostThreadMessageW
LoadIconW
DestroyAcceleratorTable
gdi32
EnumObjects
CreateFontIndirectW
TextOutA
GetTextExtentPoint32A
SetViewportOrgEx
ExtEscape
DeleteDC
GetDIBits
DeleteObject
CreateDCA
GetTextCharsetInfo
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
winspool.drv
ConfigurePortA
comdlg32
GetSaveFileNameW
GetOpenFileNameW
GetOpenFileNameA
advapi32
RegQueryValueExA
OpenProcessToken
RegOpenKeyExA
shell32
SHGetFileInfoA
SHGetFolderPathW
SHFileOperationA
CommandLineToArgvW
ShellExecuteW
ole32
CoRegisterClassObject
CoInitialize
CLSIDFromString
CoUninitialize
oleaut32
SafeArrayCreate
VariantInit
SafeArrayLock
SafeArrayUnaccessData
SafeArrayPtrOfIndex
SafeArrayAccessData
LoadTypeLibEx
SysAllocString
SafeArrayUnlock
psapi
EnumProcesses
GetModuleFileNameExA
GetModuleInformation
crypt32
CryptVerifyMessageSignature
CryptGetMessageSignerCount
comctl32
ImageList_Add
ord17
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
winmm
mciGetErrorStringA
mciSendCommandA
midiOutGetDevCapsA
imm32
ImmGetProperty
ImmGetRegisterWordStyleA
ImmGetStatusWindowPos
shlwapi
PathIsDirectoryW
PathAddBackslashW
PathFileExistsW
PathCompactPathA
PathRemoveBackslashW
PathRemoveFileSpecW
setupapi
SetupDiGetClassDevsW
uxtheme
SetWindowTheme
dxva2
GetCapabilitiesStringLength
netapi32
DsRoleGetPrimaryDomainInformation
NetWkstaGetInfo
userenv
GetUserProfileDirectoryW
msvfw32
ICClose
ICCompressorFree
ICCompressorChoose
ICGetInfo
ICOpen
ICSendMessage
avifil32
AVIFileCreateStreamA
AVIFileExit
AVIMakeCompressedStream
AVIFileRelease
AVIStreamWrite
AVIFileOpenA
AVIStreamSetFormat
AVIFileInit
AVIStreamRelease
avicap32
capGetDriverDescriptionA
rpcrt4
I_RpcBindingInqLocalClientPID
I_RpcBindingInqDynamicEndpointA
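The import table above is the raw material for a first capability pass. The following is an added Python example, not part of the sandbox report or its tooling: it runs a small hand-written rule set over a subset of the imports copied from the listing above. The rule table is my own heuristic and an assumption, not a published taxonomy, and the example also reports which rules did not fire, which is often the more useful output: there is no ws2_32, wininet, winhttp or urlmon import here, but LoadLibraryExW and GetProcAddress are present, so absence from the static table says nothing about what the binary resolves at run time.

```python
"""Heuristic capability tagging of a PE import table.

Added example, not the sandbox's own logic. The import names are copied
from the report above; the RULES table is a hand-written heuristic (an
assumption, not a published taxonomy).
"""

# Subset of the report's imports, enough to exercise every rule below.
# Keys are DLL names as listed; values are the imported symbol names.
IMPORTS = {
    "kernel32": [
        "CreateProcessA", "CreateProcessW", "OpenProcess", "IsDebuggerPresent",
        "OutputDebugStringW", "FindFirstFileW", "FindNextFileW", "DeleteFileW",
        "MoveFileExW", "RemoveDirectoryW", "GetLogicalDrives", "ConnectNamedPipe",
        "LoadLibraryExW", "GetProcAddress",
    ],
    "user32": ["RegisterClassExW", "CreateWindowExW", "GetWindowThreadProcessId"],
    "advapi32": ["RegQueryValueExA", "OpenProcessToken", "RegOpenKeyExA"],
    "shell32": ["ShellExecuteW", "SHFileOperationA"],
    "psapi": ["EnumProcesses", "GetModuleFileNameExA", "GetModuleInformation"],
    "crypt32": ["CryptVerifyMessageSignature", "CryptGetMessageSignerCount"],
    "avicap32": ["capGetDriverDescriptionA"],
    "avifil32": ["AVIFileOpenA", "AVIStreamWrite", "AVIMakeCompressedStream"],
    "msvfw32": ["ICOpen", "ICCompressorChoose"],
    "netapi32": ["DsRoleGetPrimaryDomainInformation", "NetWkstaGetInfo"],
    "rpcrt4": ["I_RpcBindingInqLocalClientPID"],
}

# Each rule: (tag, minimum distinct matches required, weak-signal flag, candidates as "dll!Name").
RULES = [
    ("process-enumeration", 2, False,
     {"psapi!EnumProcesses", "psapi!GetModuleFileNameExA", "kernel32!OpenProcess",
      "user32!GetWindowThreadProcessId"}),
    ("process-creation", 1, False,
     {"kernel32!CreateProcessA", "kernel32!CreateProcessW", "shell32!ShellExecuteW"}),
    ("filesystem-walk-and-delete", 3, False,
     {"kernel32!FindFirstFileW", "kernel32!FindNextFileW", "kernel32!DeleteFileW",
      "kernel32!RemoveDirectoryW", "kernel32!MoveFileExW", "kernel32!GetLogicalDrives",
      "shell32!SHFileOperationA"}),
    ("video-capture-and-avi-write", 2, False,
     {"avicap32!capGetDriverDescriptionA", "avifil32!AVIFileOpenA",
      "avifil32!AVIStreamWrite", "msvfw32!ICOpen"}),
    ("pkcs7-signature-verify", 1, False,
     {"crypt32!CryptVerifyMessageSignature", "crypt32!CryptGetMessageSignerCount"}),
    ("named-pipe-server", 1, False, {"kernel32!ConnectNamedPipe"}),
    ("domain-and-workstation-recon", 1, False,
     {"netapi32!DsRoleGetPrimaryDomainInformation", "netapi32!NetWkstaGetInfo"}),
    ("local-rpc-client-pid-check", 1, False, {"rpcrt4!I_RpcBindingInqLocalClientPID"}),
    # Weak: the MSVC CRT imports both of these in every release build.
    ("anti-debug", 1, True, {"kernel32!IsDebuggerPresent", "kernel32!OutputDebugStringW"}),
    # Weak on its own, but it means the static table may be incomplete.
    ("runtime-api-resolution", 2, True, {"kernel32!LoadLibraryExW", "kernel32!GetProcAddress"}),
    # None of these appear in this sample's table, so this rule is expected not to fire.
    ("network-sockets-or-http", 1, False,
     {"ws2_32!connect", "ws2_32!send", "ws2_32!WSAStartup", "wininet!InternetOpenA",
      "wininet!InternetOpenUrlA", "winhttp!WinHttpOpen", "urlmon!URLDownloadToFileA"}),
]


def flatten(imports):
    """Return the set of 'dll!Name' strings; DLL names are lower-cased, symbols are not."""
    return {f"{dll.lower()}!{name}" for dll, names in imports.items() for name in names}


def tag_capabilities(imports):
    """Apply RULES; return {tag: (weak, sorted matched APIs)} for every rule that fires."""
    present = flatten(imports)
    hits = {}
    for tag, minimum, weak, candidates in RULES:
        matched = sorted(candidates & present)
        if len(matched) >= minimum:
            hits[tag] = (weak, matched)
    return hits


def missing_tags(imports):
    """Tags whose rules did not fire: what is NOT statically visible in the import table."""
    fired = tag_capabilities(imports)
    return sorted(tag for tag, _, _, _ in RULES if tag not in fired)


if __name__ == "__main__":
    for tag, (weak, apis) in sorted(tag_capabilities(IMPORTS).items()):
        print(f"{'(weak) ' if weak else ''}{tag}: {', '.join(apis)}")
    print("not statically visible:", ", ".join(missing_tags(IMPORTS)))
```

Two caveats apply when reading the output. IsDebuggerPresent and OutputDebugStringW are imported by the Visual C++ runtime in ordinary release builds, so the anti-debug tag is marked weak and should not be reported on its own. More importantly, a static import table is a lower bound: with LoadLibraryExW and GetProcAddress available, any API can be resolved at run time, so "network-sockets-or-http" not firing here only means the behavioural runs (behavioral1, behavioral2) are where network activity would have to be confirmed.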
Sections
.text Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 353KB - Virtual size: 353KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
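The header and section flags above say more than they appear to. DLL Characteristics lists only IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE, so the image is not opted in to ASLR (DYNAMIC_BASE), DEP (NX_COMPAT) or Control Flow Guard (GUARD_CF); with the default opt-in policy on 32-bit Windows it loads at its preferred base and can run without DEP. Because a .reloc section is present and IMAGE_FILE_RELOCS_STRIPPED is clear, the image can still be rebased when mandatory ASLR is forced system-wide or per process. The .data section's raw size (5KB) being below its virtual size (16KB) is the usual zero-initialised tail merged by the linker, not evidence of packing. The following added Python example, which is not part of the report or its tooling, builds a synthetic PE32 image in memory whose header and section flags mirror the listing (constructed bytes, not the sample itself), parses it with struct alone, and applies exactly those checks; flag values are taken from the PE/COFF specification.

```python
"""PE header and section flag check. Added example, not the sandbox's own code:
the image below is constructed in memory to mirror the report's flags."""
import struct

FILE_FLAGS = {0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
              0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
              0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0020: "HIGH_ENTROPY_VA", 0x0040: "DYNAMIC_BASE", 0x0080: "FORCE_INTEGRITY",
             0x0100: "NX_COMPAT", 0x0400: "NO_SEH", 0x1000: "APPCONTAINER",
             0x4000: "GUARD_CF", 0x8000: "TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "CNT_CODE", 0x00000040: "CNT_INITIALIZED_DATA",
                 0x00000080: "CNT_UNINITIALIZED_DATA", 0x02000000: "MEM_DISCARDABLE",
                 0x20000000: "MEM_EXECUTE", 0x40000000: "MEM_READ", 0x80000000: "MEM_WRITE"}


def names(value, table):
    """Decode a bitmask into the flag names it contains, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def build_pe(file_chars, dll_chars, sections):
    """Constructed PE32 image: DOS header, PE signature, COFF header, optional header and
    section table only. It carries no code or data and is not loadable; it feeds the parser."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                             # Subsystem: WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)                     # DllCharacteristics
    table = b"".join(struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                                 vsize, 0, rsize, 0, 0, 0, 0, 0, chars)
                     for name, vsize, rsize, chars in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


def parse_pe(data):
    """Read the fields a triage report shows: machine, characteristics, DLL flags, sections."""
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic, = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic")
    # Subsystem and DllCharacteristics sit at the same offsets in PE32 and PE32+.
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 68)
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode(), "vsize": vsize, "rsize": rsize,
                         "flags": names(chars, SECTION_FLAGS), "raw": chars})
    return {"machine": machine, "subsystem": subsystem, "file_flags": names(file_chars, FILE_FLAGS),
            "dll_flags": names(dll_chars, DLL_FLAGS), "sections": sections}


def assess(pe):
    """Findings a reviewer cares about: opt-in mitigations missing, W+X sections."""
    findings = []
    if "DYNAMIC_BASE" not in pe["dll_flags"]:
        findings.append("no DYNAMIC_BASE: image is not opted in to ASLR")
    if "IMAGE_FILE_RELOCS_STRIPPED" in pe["file_flags"]:
        findings.append("relocations stripped: cannot be rebased even under mandatory ASLR")
    if "NX_COMPAT" not in pe["dll_flags"]:
        findings.append("no NX_COMPAT: image is not opted in to DEP")
    if "GUARD_CF" not in pe["dll_flags"]:
        findings.append("no GUARD_CF: no Control Flow Guard")
    for s in pe["sections"]:
        if s["raw"] & 0x80000000 and s["raw"] & 0x20000000:     # MEM_WRITE and MEM_EXECUTE
            findings.append(f"section {s['name']} is writable and executable")
    return findings


# Flags mirroring the report: EXECUTABLE_IMAGE | 32BIT_MACHINE, TERMINAL_SERVER_AWARE only.
REPORT_LIKE = build_pe(0x0102, 0x8000, [
    (".text", 139 * 1024, 139 * 1024, 0x60000020),
    (".rdata", 47 * 1024, 48 * 1024, 0x40000040),
    (".data", 16 * 1024, 5 * 1024, 0xC0000040),
    (".rsrc", 353 * 1024, 353 * 1024, 0x40000040),
    (".reloc", 9 * 1024, 9 * 1024, 0x42000040),
])
# Same kind of image with ASLR, DEP and CFG opted in, for comparison.
HARDENED = build_pe(0x0102, 0xC140, [(".text", 0x1000, 0x1000, 0x60000020)])

if __name__ == "__main__":
    for label, image in (("report-like", REPORT_LIKE), ("hardened", HARDENED)):
        pe = parse_pe(image)
        print(label, pe["file_flags"], pe["dll_flags"])
        for s in pe["sections"]:
            print(f"  {s['name']:<7} raw {s['rsize']:>7} virt {s['vsize']:>7} {' | '.join(s['flags'])}")
        for finding in assess(pe):
            print("  !", finding)
```

Run against a real file by replacing REPORT_LIKE with open(path, "rb").read(); the parser only touches the headers and section table, so it works on a truncated or otherwise non-loadable sample as well. The hardened image yields no findings, which is the contrast worth keeping in mind when reading the report's single TERMINAL_SERVER_AWARE flag.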