Behavioral task
behavioral1
Sample
8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22.exe
Resource
win10v2004-20220414-en
General
-
Target
8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
-
Size
31KB
-
MD5
b7eabb9d09f243bcb2c47d411028b07b
-
SHA1
b65366292b2d5d917f6aaee8634e635f4b5308ef
-
SHA256
8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22
-
SHA512
5285067287e4cdb4f0ee121eaf2fce2ae91d1bec0f7ebfff657dc452493db3c637b54d0cb495590bf92253ffcd4aa9681b015c258717966ef89a9b83859c300f
-
SSDEEP
384:0jc1jhjfNM620vqF5lLtUgL+L+ZwEk8DQhIWwk6e4mxNLZRIH+zx7KNvQaoIZgyb:qcl5JGlLt9+L+8+Wwm0+AY7Lyflwjm
Malware Config
Extracted
buer
http://looad.top/
http://looad02.top/
Signatures
Files
-
8026e96ade96c109afdeb9bd32d7cdb47cafc596dedd943dbd74828ca684cf22.exe windows x86
248d6965634fb675a713b9e5e78109cd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
towlower
iswctype
strlen
strtoul
strncmp
strstr
strchr
_chkstk
wcscmp
wcslen
wcscpy
_allmul
memset
kernel32
HeapAlloc
GetTickCount
GetProcessHeap
HeapSize
HeapFree
user32
MessageBoxW
Sections
.text Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ