Static task: static1
Behavioral task: behavioral1
Sample: sample.exe
Resource: win10-20220812-en
General
Target: 10bba07a1965c61a2ec05b46331e3eeda3d7bdeb8074c86009dc11f2564048fa.bin.sample.gz
Size: 2.3MB
MD5: 84e205141c93c0ed1b1b84bb2d930285
SHA1: 34be9192698ded8a41269cf0a66c503bc783cb80
SHA256: 7ed20d7a8f61ce7efb5354bdf8e02b6f3cefa418f8adb9e6d81f70086102e5e8
SHA512: 704129d8766ebd7a7738447253d6a12859d9e6a14b45f847f838757a580dbb306cbd20a443a6916ebebe7d4e989e996df89e4ec1e5420667bb895541c14fcc5b
SSDEEP: 24576:AoVaZSuvvyW4NNqB0yBahfIoGBWJzQkDA5qnMK7qKoBoe:AoVOSuvvyNdGahfeWJsQZMK7qKoBoe
Malware Config
Signatures
Files
10bba07a1965c61a2ec05b46331e3eeda3d7bdeb8074c86009dc11f2564048fa.bin.sample.gz.gz
sample.exe (windows x86) 657339296770e8f5651105f5b71d90d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalFindAtomW
FlushFileBuffers
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
RaiseException
HeapReAlloc
GlobalAddAtomW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
LoadLibraryA
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalFlags
WritePrivateProfileStringW
GetVersionExA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
InterlockedIncrement
lstrlenA
SetErrorMode
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
lstrcmpW
FreeLibrary
SetLastError
FormatMessageW
CopyFileExW
WaitForMultipleObjects
GetTickCount
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
MoveFileW
LocalFree
IsBadWritePtr
IsBadReadPtr
GetModuleHandleA
GetCurrentProcess
CreateMutexW
GetCurrentDirectoryW
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
WideCharToMultiByte
SetFilePointer
FindNextFileW
FindFirstFileW
FindClose
TerminateProcess
ReadFile
GetCommandLineW
GetConsoleWindow
lstrlenW
GetFileSize
CreateEventW
ExitProcess
WriteFile
CreateFileA
GetModuleFileNameA
CreateFileW
GetModuleFileNameW
WaitForSingleObject
CloseHandle
OutputDebugStringW
GetComputerNameW
InterlockedDecrement
MultiByteToWideChar
LockResource
SizeofResource
LoadResource
FindResourceW
GetModuleHandleW
Sleep
TerminateThread
GetExitCodeThread
GetLastError
SetEvent
HeapSize
CreateThread
user32
DestroyMenu
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
wsprintfW
ShowWindow
GetForegroundWindow
GetWindowTextW
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
ClientToScreen
GrayStringW
DrawTextExW
GetWindowThreadProcessId
GetKeyState
SystemParametersInfoW
GetDC
GetSystemMetrics
ReleaseDC
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
PostQuitMessage
PostMessageW
GetSysColorBrush
GetSysColor
LoadCursorW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
PeekMessageW
GetCursorPos
ValidateRect
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
gdi32
GetStockObject
OffsetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetClipBox
SetMapMode
SetTextColor
DeleteDC
CreateCompatibleDC
CreateDIBSection
DeleteObject
SelectObject
SetDIBColorTable
GetObjectW
GetDeviceCaps
ScaleViewportExtEx
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetViewportExtEx
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
CryptImportKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyW
RegQueryValueW
RegOpenKeyW
CryptEncrypt
CryptGetKeyParam
CryptSetKeyParam
RegCloseKey
CryptGenRandom
RegOpenKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptAcquireContextW
shell32
SHGetSpecialFolderPathW
shlwapi
ord184
PathRemoveFileSpecW
ord214
StrStrW
PathFindFileNameW
StrStrIW
PathRemoveFileSpecA
PathFindExtensionW
ord213
PathFindFileNameA
ole32
CreateStreamOnHGlobal
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance
oleaut32
VariantChangeType
VariantInit
VariantClear
SysFreeString
SysAllocString
gdiplus
GdipSaveImageToStream
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipGetImagePixelFormat
iphlpapi
GetAdaptersInfo
winmm
waveInClose
waveInOpen
crypt32
CryptDecodeObjectEx
CryptImportPublicKeyInfo
CryptStringToBinaryA
mpr
WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW
WNetCancelConnection2W
WNetAddConnection2W
ws2_32
inet_addr
gethostbyaddr
WSACleanup
closesocket
recv
send
connect
WSAStartup
socket
htons
Sections
.text Size: 158KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ