Static task: static1
Behavioral task: behavioral1
Sample: 47bad52757620adb213d227f70fdcd6cc2e50f5316e629d817ba74bfc91c556b.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 47bad52757620adb213d227f70fdcd6cc2e50f5316e629d817ba74bfc91c556b.exe
Resource: win10v2004-20220414-en
General
Target: 47bad52757620adb213d227f70fdcd6cc2e50f5316e629d817ba74bfc91c556b
Size: 543KB
MD5: 66b40402415c703185a67c670a11e317
SHA1: 8b28833b86a573a984503179234da27e63645fb4
SHA256: 47bad52757620adb213d227f70fdcd6cc2e50f5316e629d817ba74bfc91c556b
SHA512: cfe0e075ae3b43b56078312a98cf8737a6efe33dcca73eee6333aba73a2eb789f560ea3adf7abb62f59357a35b84c833de0d764be81803fd22f9403cd2d02482
SSDEEP: 6144:i9/ol3Bn7JwLnS5rmLgeEwTNcp2eouwVReMbbSG6NLoO1MXKx8vahKwSSTHxyMBn:i9/o7l5rwEgqp1oR/6NLrMYtrSfen
Malware Config
Signatures
Files
47bad52757620adb213d227f70fdcd6cc2e50f5316e629d817ba74bfc91c556b.exe windows x86
9d626509209e6b871f17bb87acf43956
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
GetConsoleMode
GetLocaleInfoA
HeapReAlloc
InitializeCriticalSection
GetConsoleCP
GetFileType
LoadLibraryA
FreeUserPhysicalPages
VirtualAllocEx
OpenProcess
GetCurrentProcessId
TlsGetValue
LeaveCriticalSection
FindFirstFileA
RemoveDirectoryA
HeapAlloc
GetLastError
GetStdHandle
lstrcpynA
DeleteFileW
HeapFree
GetModuleHandleA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
CloseHandle
SetStdHandle
RtlUnwind
LCMapStringA
LCMapStringW
FlushFileBuffers
CompareStringA
FindResourceA
lstrlenA
lstrcpyA
FindClose
GetDiskFreeSpaceA
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetFileAttributesA
lstrcatA
MoveFileExA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetModuleFileNameA
GetSystemDefaultLCID
MulDiv
ExitProcess
FindNextFileA
GetStartupInfoA
WaitForSingleObject
CreateProcessA
FormatMessageA
SetFilePointer
WriteFile
GetSystemTimeAsFileTime
GetVersionExA
GetProcessHeap
GetProcAddress
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
Sections
.text Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 491KB - Virtual size: 626KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ