Static task
static1
Behavioral task
behavioral1
Sample
414bb592b0111434f9c95e6e396af03803bfc38a5d55fda282142b7186724728.exe
Resource
win7-20220414-en
General
Target
414bb592b0111434f9c95e6e396af03803bfc38a5d55fda282142b7186724728
Size
172KB
MD5
4d6ece858531b5b9040841db3419fd1c
SHA1
1ff0bb7169b26962457ed996c5a7aaf3f69aeee0
SHA256
414bb592b0111434f9c95e6e396af03803bfc38a5d55fda282142b7186724728
SHA512
5f4b3abd23f4572b842abd0c14ebb7fb7cdc2f5d288991fb7ea52ff415193a766567646d9b34529b16bbd5d4adc4d1f0b6847e9d8001a798ae1bc0e1c047075e
SSDEEP
3072:EfCxMYH69UvVhPswrC1IpJhwrheKUD36WQDNR1cbVlK1/:EfMa9UtJsiiyJIeKUDKW6xcbU/
Malware Config
Signatures
Files
414bb592b0111434f9c95e6e396af03803bfc38a5d55fda282142b7186724728.exe windows x86
7c79d4717c3f01fae57412f1a48031c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindActCtxSectionStringW
GlobalFlags
GetDriveTypeA
GetVolumeInformationW
GetCurrentConsoleFont
GetNamedPipeServerProcessId
VirtualUnlock
GetStartupInfoW
GetCPInfo
GetPriorityClass
IsProcessorFeaturePresent
ExitProcess
GetDefaultCommConfigW
FormatMessageA
FindNextVolumeMountPointW
lstrcmpiA
GetSystemTimeAsFileTime
comdlg32
GetFileTitleA
advapi32
LogonUserA
LookupPrivilegeNameA
user32
ChildWindowFromPoint
GetShellWindow
LoadMenuA
GetPropW
GetThreadDesktop
GetClassInfoExW
GetClientRect
DeferWindowPos
GetKeyState
GetMenu
oleaut32
LoadTypeLibEx
winspool.drv
GetPrinterDriverDirectoryW
winscard
SCardGetProviderIdA
msvcrt
fgetwc
strcspn
mscms
GetColorProfileHeader
GetStandardColorSpaceProfileW
gdi32
GetTextAlign
GetCharWidth32A
GetSystemPaletteUse
GetClipRgn
GetPixel
ws2_32
listen
Sections
.text Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 332B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ