Static task
static1
Behavioral task
behavioral1
Sample
3576d8e57c835f522ebaa917700dbabecc817dcdc7b4d21d2b155e7fe4977455.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3576d8e57c835f522ebaa917700dbabecc817dcdc7b4d21d2b155e7fe4977455.exe
Resource
win10v2004-20220414-en
General
Target
3576d8e57c835f522ebaa917700dbabecc817dcdc7b4d21d2b155e7fe4977455
Size
104KB
MD5
67260c5c5215244985a54f8c8092bc8d
SHA1
5d8c9edaee2219781a8488f21fdb1e193b8dc8a6
SHA256
3576d8e57c835f522ebaa917700dbabecc817dcdc7b4d21d2b155e7fe4977455
SHA512
f31c7f275b42366eed39d5517be6a406645929c92bc6a471a1ebbc83ed1318c0c23982dca33b3351fd2088a335b213ef3db45fa6ba025c00b13a5427ae13e2df
SSDEEP
3072:cf0jCjvTsI3GJkoILOAPBqr7UXhEZc+C:ccjwQI3OQCU6Zcd
Malware Config
Signatures
Files
3576d8e57c835f522ebaa917700dbabecc817dcdc7b4d21d2b155e7fe4977455.exe windows x86
28dc34f2a73cee3ab4c270ec953c3703
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbnmpntw
ConnectionError
ConnectionWrite
ConnectionRead
ConnectionClose
ConnectionVer
advapi32
RegUnLoadKeyW
ReadEventLogA
RegRestoreKeyA
RegOpenKeyW
OpenServiceA
GetUserNameW
RegLoadKeyW
RegEnumKeyA
CryptSignHashW
RegCreateKeyExW
kernel32
CreateMutexA
VirtualFreeEx
VirtualAllocEx
GetModuleHandleA
FindVolumeClose
TlsSetValue
AddAtomA
LoadLibraryExW
GetSystemTime
GetCurrentProcess
SetCurrentDirectoryW
LoadLibraryExA
ReadFile
InterlockedIncrement
GetShortPathNameA
CopyFileA
FindFirstFileA
OpenSemaphoreA
CreateSemaphoreA
FindAtomA
OpenFileMappingA
Sections
.code Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_MEM_READ
.ydata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rel Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ