���.��\�0k#�?�F �[�����eV.�ME�s�c�����{�C�<���+�)�8�G�}��������?��t�\�H�|���5�ŗFp&O��R�U1�mInF�)�&'��G�O �����F9#�?��Dl5i��~�Nq�d+�U5\t�Ze�=���f͵ޑ���]`F.�6��db��Z��UȻ�4�R9�Jt��I� _�Bɗq�ƫj�hj8��\�U�\x��Q�[adYmBqh�!�j�dm����)>R����g��֑��(��Լ�� c.[�{�=��nΒB�9�k�ʞ���$��k����X�}�0?yh�ba�EX�����y��O���[�pI����I�������ܖڼ����� ��=��z�P�80�s�����4��͛���T�#�]��U�nK>1h+��ݟ`�� ���J;��zy➉����rd��rI��� � ���W1�� Cyo�!�����uVΨx�XZ,�ʇ�ou���������*o�E�>ie�X`>8��`�/Z�:o=�u�����b�8�\���MwxO� �o- i��}��A����4X�B7���Z�?��� � .���`Q�ˁI����SVR��N��~�5|�Ε��?`�^{���.�'N���}T�[�K~�p���p�����N׃�Y\����N��_q�=�Q/�::["�^�X��U�m������0b�"Iţ�uk�4���1��;�S$��^�w3:'���l��ږ$%t-��+W����u�t�Q�#~?&H(�R��O D\?}�������a�k�����-h��&��O�� ���LE�i\��k���y�01���-�:t]&.'H±�U�g��.�C�� ������Q5� ���0 ~Ӂ�2:�N> �g�����sa�!q���>���m�;�b����y<�3����h@���!VI�< P9��Jr���,��C1�4d#�i_�z����&��A%��86�ҠЧH�0�n�2S��Mw�`W�wd��d�<7�#l�\�UO]^���"?8}�����9�+V��v)�\�%n=�%o0�9��tC���s�f������h̃ �u$�* CT�i9A7T>@w�;��!��͞/�A#ߺ��!��ԵF. �pmB�$�w%�9��cS�k8_�b�BkQ"�s��ʈ��� *i��/�Ao�!�P�R4b� ]I��9P�}�!�8(����ĦL�Mz2�&��G� �[5�f��J�w6;ԋ!�����mJ�Ӭ��p}c���h���3S��������ۗ���W������\�A��5�U�s�.N�R �U�z��u��};� �%�����Z��J%��U`���l*���P<8�=b;�~����ؤn�����!��2��q��vX�$3v�H�[���3~���E�+U⤊�Fs���\R �~�d����ƥN�W�0(�o���ؔ���ۏ�B��ᾢ�͇����n�$��ح?J� W[����г�o��vR]Ã+���vp�����CL��������f�/{i"�e��"�c���>`�d]�S��~^�]iVR��zu�|�*��٣�f�/i͛�#�]Hͯ.w��WF\Tj��k9��ȤI�=�����u��G��c��2�\��Lv8|y �X�~�kL-��bll�%��촛�8�JגGO�4��� �]�X2ו{���n�]�=�����lg�>������$�?"m��9jۀ����{ݡ˩�4ITӛ �(��"(���Ɨ��Oޤ��W�#����=��+��ڱ�LϷ�%}��>=��@H���H+�)�\�s���<]�Ҝ���˜y��.O�}\�X~iW袋�E��Ы�'R�ҝ���r{r/�1m����g��/ۨ,(����~3� ���B�q���m�"��>�!�\�L�-�䶿ae���$h�֚��\��aP�K?^����(N�dV�ԝ2��=?N��o�a۱0��.���[`/�=H����X}Y����,F��N�/�D���mw��i��yS�9��֚�����ݍغZ�$��qλg{���U���B7���D��x��ų�Y��D<���(Z���ȧ�����Q��Q��[�2��K�{�9��T*M����T`"!#�Pf��$s��Rh�0�� l��� ]��Q����7�Ar�5O(.ʼnڣQ��z.�ɔ���D^I�r�����������|�����#���֎7�i �}{��$L33Eiv��܂G��&�ý,i1X]�S�O�;Oi��.a>�h�H�!�@#2.q'2$w�S���"7�?��:�c�n�b�?��jq���8uN� �$>��ޞ���fl��l�r+gp�}�i�|���N��tJ�E���=�W�8��%���(�@�����!�* ��9�"�1}H�v�{�2z;�D5Uw�4qf(�o^��o�.Q̻m����ls��l��"�`�ȳ����[��[,��[���=^��6VK� �c�!�����~K�1 w����7�Rip�^��v������ �F���b'w�w�n�6�!����>���f�������� �K ���y���UŐ'���3��~4�%ykm����f'�O�@��h�2�-�m�D��*�y�>��D�q����ޓ{ �-��?�����]%��O���6��kn[�dA\%��z��q��,�� ^���g�Cư�"@���Ob]�zB�>�^����>�w���}^ch�����PA���~9>� ��ŗ�KE�S%(`��v�X]k0|�Ed�t|H���AE�Λ4�E5�.�s�!����6n�QJ0����_�%�h�r��4ib�b��x���Z��h������Tr� ��v�{���a�[�1/��^m^�6=l�e|��e.����8"� �Q��Ҋ���J�s,:���L�*�Bk�#}�Io�|]�8����Y4�F͋�B�P� �eLd�ӆoK����Щ�+D���EQ �u�{X"�Ϭt7���|�3�je���~�*jKZS4f7�H$G9�Pd��}�vs���[Gĭ;�Υ�gԲv�'s�"��Gb�P�w�-�K��"�4�4ZV�n�|A��C���U_�|�*x���)����b
Static task
static1
Behavioral task
behavioral1
Sample
3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6.exe
Resource
win10-20220812-en
General
-
Target
3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
-
Size
2.7MB
-
MD5
3e6ab81cb664ef45c63e199d29482770
-
SHA1
bda51008a7daa74647251d6d5a77fdb856210301
-
SHA256
3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6
-
SHA512
fe71b8e01e255c1b18df315f10eb21c869bdd97d2c7f32c45b09ccae6fbfce46fc501f1aa8951a598514de9a32326246d31b8bac9930aab6944986a483ee5031
-
SSDEEP
49152:DfOs9NOgoQwALr0SJPhFjvGriy0v9IQ2N6/wshHb0e517ytyrCmuC5X1HK:DLv7wq9bGrFc9F2dsZgwytyrLTH
Malware Config
Signatures
Files
-
3051cecc80d74524686f4b38061391860e0b0052a07c4ec4905e54e7f293d7e6.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Exports
Exports
Sections
Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 9.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pwkz Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE