Static task
static1
Behavioral task
behavioral1
Sample
3fd9b1adcb7a64a0ef8d47423bcf984a02b8a7b96fb3467a09d278385a1080e3.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3fd9b1adcb7a64a0ef8d47423bcf984a02b8a7b96fb3467a09d278385a1080e3.exe
Resource
win10v2004-20220414-en
General
-
Target
3fd9b1adcb7a64a0ef8d47423bcf984a02b8a7b96fb3467a09d278385a1080e3
-
Size
329KB
-
MD5
4307f050fdd98a39e1c38dc1d56abb4a
-
SHA1
ae3489b94b4a396c82e966de39e49974e84d432c
-
SHA256
3fd9b1adcb7a64a0ef8d47423bcf984a02b8a7b96fb3467a09d278385a1080e3
-
SHA512
9a55a3109f4fba4270f1c13ba37cf7d8a7114a9bd93c11c3b3f59c02d544c708e3ff55f804497d6cb416dc4fc792f21d18901e0cc17f9369736d805d73fc648b
-
SSDEEP
6144:3Kzdgl/ZWKOtAObo7zoooocIuFp1rgvW+TrGlbiRenD+uwELn6eVJTOF:ognWvtFoQvmvW8KlshVAG
Malware Config
Signatures
Files
-
3fd9b1adcb7a64a0ef8d47423bcf984a02b8a7b96fb3467a09d278385a1080e3.exe windows x86
64a574328faca3de90597572f0eb40b6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
RealChildWindowFromPoint
SendMessageW
GetMouseMovePointsEx
ToAsciiEx
VkKeyScanExA
SetScrollPos
GetFocus
GetDC
GetWindowTextA
CloseWindow
GetScrollPos
AppendMenuA
GetGUIThreadInfo
GetScrollBarInfo
IsCharLowerA
ReleaseCapture
ole32
CoDisconnectObject
OleDestroyMenuDescriptor
advapi32
RegDeleteValueW
gdi32
DeleteMetaFile
GetAspectRatioFilterEx
EndPage
Arc
SetColorSpace
ColorMatchToTarget
GetDCOrgEx
CreateHatchBrush
CreateCompatibleDC
StartDocW
SetROP2
GetBrushOrgEx
GetGlyphOutlineW
GetMapMode
GetCharABCWidthsA
SetViewportExtEx
GetCharWidth32W
ResetDCW
FrameRgn
SetBkMode
GetTextMetricsW
GetLayout
GetRgnBox
MaskBlt
GetTextColor
EnumICMProfilesA
netapi32
NetWkstaTransportAdd
winspool.drv
DocumentPropertiesW
kernel32
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapSize
VirtualProtect
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
OpenProcess
CreateMemoryResourceNotification
DefineDosDeviceW
SetPriorityClass
SetProcessPriorityBoost
EncodeSystemPointer
LockFile
MapUserPhysicalPagesScatter
GetCurrentProcess
GetEnvironmentStrings
CreateDirectoryA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetLocaleInfoA
GetModuleFileNameA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
LoadLibraryA
LoadResource
LockResource
RemoveDirectoryA
SetErrorMode
SetLastError
SizeofResource
Sleep
VirtualQuery
CloseHandle
CreateFileA
ExitProcess
GetFileType
GetSystemTime
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
WriteFile
GetCommandLineA
GetLastError
GetModuleHandleA
MultiByteToWideChar
TlsGetValue
TlsSetValue
WideCharToMultiByte
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateSemaphoreW
lstrcmpW
lstrcmpiA
GetSystemDirectoryW
DebugActiveProcessStop
SetThreadContext
FindClose
HeapCreate
GlobalMemoryStatus
GetVolumeInformationA
FindFirstFileW
CreateProcessW
GetTimeFormatA
HeapReAlloc
HeapAlloc
GetStartupInfoA
HeapFree
SetUnhandledExceptionFilter
GetModuleHandleW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 339KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ