Static task: static1
Behavioral task: behavioral1
Sample: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd.exe
Resource: win10v2004-20220718-en
General
Target: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd
Size: 688KB
MD5: 009ab396124e8a95257738d28212720a
SHA1: 239fbb1e20337f7dc293efd628a4b7d5b5949396
SHA256: 50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd
SHA512: 22152f29b15482c5dd7f2eb0a828f333140fcf3c9c1513ba58f960adae72bc4f717dd703229a8858407bf05bdba43f728b7502fae18fff0522bde44733a0802a
SSDEEP: 12288:UcwYuR0hKEIwRuQNKJ7bfphnX/p3wdX7ePfyDU7An0YTwVwHLEnJ0hLtS:Uc9thlI/fPX/p4reukiDTwuHLEnGhRS
Malware Config
Signatures
Files
50fc35e99c24ad4fab37c2bdad31f60a7789b297f261f39d3ba8f1949b71c5cd.exe windows x86
b7177fbdb3e3d1d72eb28b087e0a46d5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetLastActivePopup
gdi32
SetTextAlign
StartPage
StartDocW
DPtoLP
GetDeviceCaps
GetTextExtentPointW
CreateFontIndirectW
GetPixel
SetTextColor
ExtTextOutW
GetTextExtentPoint32W
GetROP2
SetROP2
GetStockObject
CreatePen
Rectangle
DeleteObject
SetBkMode
DeleteDC
SelectObject
EndPage
EndDoc
EnumFontFamiliesExW
CreateBitmap
CreatePatternBrush
SetBrushOrgEx
PatBlt
OffsetWindowOrgEx
SetWindowOrgEx
SetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateFontW
SaveDC
RestoreDC
MoveToEx
LineTo
CreateHatchBrush
GetTextMetricsW
CreateSolidBrush
GetObjectW
kernel32
GetLongPathNameW
lstrcmpiW
DeleteFileW
lstrcpyW
lstrlenW
GetModuleFileNameW
lstrcatW
lstrcmpW
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CompareStringW
HeapSize
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
GetFullPathNameW
LocalAlloc
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetStartupInfoA
GetProcAddress
GetModuleHandleA
MoveFileW
SetFileAttributesW
GetFileAttributesW
GetModuleHandleW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetCurrentProcess
CreateFileW
LoadLibraryW
TerminateProcess
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileType
CreateFileA
SetUnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcessHeap
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
TlsAlloc
TlsFree
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetCurrentDirectoryA
GetTimeFormatA
GetDateFormatA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LocalUnlock
HeapDestroy
HeapCreate
GetCommandLineW
SetLastError
GetTempPathW
LocalLock
FindResourceW
GetLocalTime
GetDateFormatW
GetTimeFormatW
ExpandEnvironmentStringsW
GetVersionExW
lstrcpynW
CopyFileW
TerminateThread
FindFirstFileW
FindNextFileW
CreateMutexW
GlobalSize
CreateDirectoryW
ReleaseMutex
InterlockedIncrement
InterlockedDecrement
LocalFree
GetSystemDEPPolicy
CompareStringA
CreateThread
GetACP
GetCPInfo
GetCurrentProcessId
GetSystemInfo
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadResource
LockResource
MulDiv
SizeofResource
Sleep
WaitForSingleObject
TlsGetValue
TlsSetValue
CloseHandle
Sections
.text Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 595KB - Virtual size: 731KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ