Static task: static1
Behavioral task: behavioral1
Sample: d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.exe
Resource: win10v2004-20220414-en
General
Target: d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.sample
Size: 235KB
MD5: c41a0e1ddeb85b6326a3dc403a5fd0fa
SHA1: 3c8e60ce5ff0cb21be39d1176d1056f9ef9438fa
SHA256: d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9
SHA512: 2e380295fe24b54e04699a43f4b124501f4b25ca356857b7a137718f1904dd60c3d7f40cea11063acbf15f5db85712d94a4572b8729d7cdc20ae9de9ace1882a
SSDEEP: 6144:MqT9DnJsEEyhxbPL73veqySdCNivJo0v6e:F7jxzL732qyeuivC0y
Malware Config
Signatures
Files
d0cde86d47219e9c56b717f55dcdb01b0566344c13aa671613598cab427345b9.sample.exe windows x86
4742764f9c87b3d416555b92c042163f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
Sleep
FindClose
HeapDestroy
FormatMessageW
GetVersionExA
GetVersionExW
lstrlenW
ExitProcess
CloseHandle
CreateEventW
GetLastError
InterlockedDecrement
LoadLibraryA
GetProcAddress
VirtualAlloc
GetCommandLineA
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetCurrentThread
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
OutputDebugStringA
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryExA
InitializeCriticalSection
HeapAlloc
HeapReAlloc
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualProtect
GetSystemInfo
VirtualQuery
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
advapi32
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyW
comctl32
ImageList_Add
Sections
.text Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ