����ژn��r�]��^{a0�*Au���yc��A���z?�R�Y�@C�19���T�qQ$c�bso����v�(-��� AI��$zX[�o�V,��#=H}qQ-��P|'j=�#Q���������٦2�.�����A�N��Df|a$t�Y�G8a@��W�����]����'n�9D)��[�Z�w��V�������OA9.��4٧R�=D��8�BRһ0e=����F�Ua'<b�i\��L��w�� � ��J_"���D����j�D�ع>���nF�[����A̦�3rL9^��K���"Qyng�y������mj=5��n[�zq��E^�T��Ck({�'�%#.y�A��Sɾi���(+m&�1�E��퐩~U�Θo���v�)�5��Dg~U����avI��C���O� �+#�\��P�����؏���C�x��qR���3�)SbȦ-�%�/���ۊ��@8�[x��+����F�����طH:4ʯH�|/P��������]>B�e���.� ��->ʜ��o��n�)7�6R�!�K�] 9�"�U;�������Kr�t�-G�C�s.4��,O]�뺯���*4�8AL(mx�Jc��6����� /���7� ��bJ�Һ�k���T�d���Ys1/<Y�8(`���c'mD���mo�4w#���|�L��o��!`M���8X: ��A�S��^�*s-0��������#W!;d�Ǜ��~��M���0T�T?��X:���\�?=|�ǣ�:7�7`L磥?�(���a �BI�WTk_fa]����ɞ��&�|˨��:Zs���#�OmE�kS'�b�&�ӗ�e*���쪗}���/�-8� ��*-j �o6�[����a��st� ��W@��)����mqy�n^�T�[夂�[�L|�!�a�3 ��ʼnI�"���|}��ql��u��lފz�}�sW�9�A,s����^�f��)5� Zb�I����%{�Kux`��+9.u&<����~�������p�_c����$i�r�̶�If�� �X��0��$!ψ�ȳ+v����9c+�ؙk� ����(�B�����ntY )�U�Ѹ�mv���ގ��tJCW�{��E�4�~"��L���nE�h�_37Fѐ�Dwv�3Hɖ���P�D'��b>�BIw� ���`Ҝ-�Y�/\��X���ԻH\�bY6���j30�4�P�{�~.�vjhߙ��#ZK05�q����=�j��1�Lg��{L�Ʈf�.��d��Q��Δ�ν�=PH���B">ז˿!a��z�.��L��N�x��&%��4��\!�t���6�;�-�<��*kٯ�;�t��:i� ����r�mf�)���H�7���A�@|_R]���u��)�N�/T%��,H�,J���hǁC�o���>�&M{}�������3!*&�C�˫��"��윷���nw~�l��I,]��T� ����OF��g�c,��t2y+����)���d������9����P�;p�GJ� ��p��iR�@��LH �scu���$�!Do�QЬ�m4�Ň���d��D2�r��c; �JV5�R�� /|KVU�XxE��k��Nɞp��|�Z�����/�(_�}���N�j$�:D�#�e͵P��}/���e=�K�����h)!�VD����Ym��F�ل����֤p=��2���=P�L"�]��ic�.OtK��>X�x���Sc�MBձ����>��)�����]L m�i�R�|��Bq� �Ӷ�[-(:���}���R�퇧-"�=�θ\��.z* "i�4�u�>� �6 $[]�G߭�F���[K4F���cb�) 5#s�y��1��%�l��\s�@Xg��Nzɷ����2����H?�+�k&Ȱ3��� 6A�L]�X�f��/�_*�N]/�pC�7J�G��l���`�ݲ�vE.fY�j��כ���S�EF�����&��>GI_C���Deb~=����(�P�8<��L[3]�\��m`�ҩ�����̽�擅��u~J�to�+֫̇��^[�H/V�{�2���~+�v8=��>�J�v|���.�P�r��T����7��h��1 =��Ŵ_� �vW;<�l.GO�%���f8u�c�����U�� +QȢA|�� L����Eۜ�Φ8�K��d\�ۯ%���������_��)&U,L�= �Y���.���ok1�6&� � ��v��`�?b�^BU��w "$��,k��o�^��%r��}NeD)�6=F"P�O�Sq��s���6��a{��e$}��k�����n�EJ�G���aP�����>O ;X�#�W�8!_��k�!��\���w> ������m�|�!+��_��������� �ދ#`j-D)wy�T���J�rB���WN#��`zo �����x��>\�ZXZu�����!�)q�������d����eG��J�y7*D7�JVm���9P:�O��r9�賺N��J�Z��VL��C�Dt���d���&N�Fk���ώ�)�5�~8�����L���L3�q���&�혲bsV�[�fbn���j�L~m���mN<��ec�n>[VӄK������\S&4QoG��z������ȵlov���7�%M��6 ɠ�R �j���9��l�` 2��=���scY gI���P3x�*{�>>�u��|���rUO��sa���x)�������"��P�W`� mW���;K�,&�h��U2��&�����������!��ӭo�����f+��E�ES���)�Z��������e,p����a([ҭ�aA��N;��.Y�VM��Y��&: Q�$�Y\���� Ԇ��{�>�~�9ڏs5�*t�1� =�cњѼ?@a��ձ��t�o�.n��2�ؿ��J}���e�ޡ���G4?���>��������=e2��'��,��\������I��|�DL�҆��)��P^C^�m���F�GK�S{�$Q�� EM� q���A��M�bqBp���H�: ��bi��-p��;�^#,k�����NI�xv�����a��*�����_M���M]е����1,��<X�� �d" �9�0�Z�_ �a��7�&��Р`�aK�u��+��l���(X�J��p�&�&���3��c����%-���@jqF3Ƥ�֬�@�[J�Tk;��{[�r��{a5�b߫+�Xp ��$���iu�Ħn�C�QZ��T|��{���^9pz���o�A ��kK����=��<?A�jN)�e)�P�$��&O��6�Jא��?U��)�����{{��k��)BH��=�P��)5[�f��\���$�0([��7 <���ˈM�'�g��9o�OZ���ֶT�Ջ�nHM�y[@�=?�Rl�����"r ��jh^�|��KBzE>Y��2O�nC�B>w���$C;���Rv��,����s����+�n������H* �Ln�)��NS�{���l��f�(��w �w�u�?�D9��<�z�!��%�i8��id����[(�n���C~�_�@'-����e�QX�����e�N��CP�ַ�&#*�#�Ex�˶�"�h�{���Lb��h:�>vRHqϚ�۸Js�qQ�Y�z1o�����U�߈y=��"W�R�"�#[A}"�v\������ZG�����l�� ��e�AK�*a"�� <0��=x�����Yh?�u�
Static task
static1
Behavioral task
behavioral1
Sample
9e3c04707820cd4c0c8f50d49963a8c75a21e88d71c9a31f045592028d84e2e4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
9e3c04707820cd4c0c8f50d49963a8c75a21e88d71c9a31f045592028d84e2e4.exe
Resource
win10v2004-20220812-en
General
-
Target
9e3c04707820cd4c0c8f50d49963a8c75a21e88d71c9a31f045592028d84e2e4
-
Size
4.0MB
-
MD5
2a97aa3ab5161aae270c5f2053ee0d0e
-
SHA1
f84f6f207d2a2fc825d89612427b67ee77c4648f
-
SHA256
9e3c04707820cd4c0c8f50d49963a8c75a21e88d71c9a31f045592028d84e2e4
-
SHA512
99e7d1a03195f6d2f9d7462505f6c2a9b3d0427abb5969db3082ef253c04c4957747dcbef27abd74ce0696ae83a34418e79718be9097c6132d7bf5aa4d402fe0
-
SSDEEP
98304:FGmcvnfOe9d07l+LOMIPE5QRlKTebwEOTxp/P7:Qmne9al+LOM15MsEG3
Malware Config
Signatures
Files
-
9e3c04707820cd4c0c8f50d49963a8c75a21e88d71c9a31f045592028d84e2e4.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Exports
Exports
Sections
Size: 1.7MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1024B - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 128KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 193KB - Virtual size: 7.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2.0MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE