�Uz-�X���l�)�K1�sf6{b�d�m�@�eH.�t��0u���̖�qw�@I9�ߢ������"�Xx�$�3�m+��w#'��!�`�8s� �X��� �@�]�!��F�91���}NV��~�Of���j5�\J���5D�#�[6���,"�.�E ��0�Q0��ܴ��|��cܯ���;0W� \�~te9�#XD�D�����0�5"���=�9�����T�qt���}8��Mt�4ݭP�8em S5G3h9h�1�D�Ors�&�{�g57�|"�,�;�}�Z��-�8���aA�}���I��Ь�=�4no@�TD��2�L[���������;�+�����-)���d��=L����VK��A6ڹ��[M����W���쀣Ŀ%�2��D�]��G�|��D\����q���9�ZOP KT��������{������d��h�ñ�v�6%`�}fj�j�ܔLH��@4;�̱���!�Zm+}>f?N,�L�W�4��;V�h�▭�R�C��b�L�ڳ��F���̿��P0'��� ��CF�$bF�X�oLo���!��6V�v�}!sO�G��_�}�ݼs���\�;�� ��r�W��k��3�a]�n�O��� �M��rO�2vv\1�Sݙ��᩿+tO� ��|eyg`��)�w ���h/�='!k�o����֩�Û(ji�Gˣ��uD���5�V�<k~�ރv "�yk�q�}��nv�'����qB,�e�6_��Z��o����<�G�t.ۓ,���G�94�dv����'h%���iB������|����B����a SL�,J0�2� ӿ���;��Ҫ��k�Wr�����P<��/����^8,� CcϽ2euŞ]sԉ� :�G�� p���V�k'e��:uZ<f؟�v����dI�Ӣ�)���"�3��n�l�3Y��;�i�sv>���R��;a����X�k�|���b���;���:�kN��J�Rs���6DF��3�1��aW/���#�m]��_"ޜs�h�e�ɧH���n+i$G��c�V��oy?��L��$@�nDM�vFH�u�m9�.Qw��|��-��m��=������ ��{ H"�z�[�'�_��>MVq5gMS��$S�p��N�ngW{���r�wNg��ODR0�'قF��<C���$S"m�� Ȍ��`�iυ��q����4�hkmmsS;A����&|0C�`M�Y�,���V��pª~��Oz8����BB�E����?��uE�������U�2�VM��$�C�0�P|b��5�E�C4�㟜�� ���|�X��I%%��� yKBC����se��G���0��=�;f�i��Р�ױ�$ ��Y9�jH��Iyr���"!�R�d�\�rT�Xl�vJR|��CPG��+I���]Wi�YF�%�Lp�� ��c���dr�I�u���)���!�<AG���8[�z�����n��m���(P������6�z7{���8��g�����!��ؠ*8a$�/����:M������҆fxv{.���琸�"a��U7)���e����M��Zn@�r�hw�dH�2:n�!! ldM<J�bF��������~�D���q�$�-]c�p7y�D(�6@���6k��=-������,��0WjUgă�!>��V����P�CC���K�9���0,`� ��'�m��6-�������A�eHe���'6�o)�J/�?���Dq�g���^M����ÕӰ�O�>���3bO�A���� �⣁� ?Ep�L �,�g�� -���[E����=�-S�2�Iu�E�"�m��[���=���P�N��;8>��B.�p?{+��#T�u�������~���Ev�a�lW"s�ֈ�]�k�!�� ȓP ��U���/��B�{]�`{X�|I�)�5-�\������1@�����c(�dG���u�α�����}(�M��o V ;^IS�����hFZ���v�#|D�ԋH$P�\��rY�^�Z"� �0v(Vf����ԟqL��#�#�Ll�&��S�vcd�.��e��~�}w$h�r�9�'� �Aٖ��1�=�8�+������P��\!��S�x{���2�6$`C�{ ���b&EU7<63$k3����!3�P4*��Q�v6��&��`���m���ùG6I�Ɩf�8�rA�g�4e�ᤉM�Dg����Μ�M��Nׯ�)u#�w/h�ޙ����|���_W7�{I�� L t;��T�*S��F�ܭ��}���[��i��$$^SN�*�Q���ܖ���\�4c����V�AٗK�9A&�/qR��������j�lK�1Cܤ��/ǚ ��������[���.��'�_c?ƥ�2����muL2|��9$<��I��]�7�S;� :����#2S:@!��n������3��0��Q-66>�鯟9�?}`%$#���j[0;6�~�M*٣�D���K��Bp']��;�`�q��� ���D��Mc`b��w��-t�a���E�d}C %s��ޡ���3���#����g\����2ӛ����� �5���$��!���=����C�U���6\ǎ�̇��������y�dٚ�q{'�F�boG�a�J�ѿ��Ŭ��M)��*=���_�[�A���j��Ǡ&� �c<�z�/��re4��Ƞ ���$��ryȲ(+�ܹb��<F�Mʿ��p�K����F����ֲ���~|�>��?�3�:GL;�8��s/[��[�6��ៗ1��4��|��������3��>��Ƀə8¤�ɾ��K�������R�Y����e.u��i�S�+'֢�$��� 9���}VF�z^Pik��� \ܠ ���>N�%�,�ۊ~İ��*�� ��G��90f����G{o��-�Lʀ����'��=�S+����U��@ü}*����9uFO�f;:0�3�_�YeLZhAx�[�i��>i�z�,�a���tU%��uc���K�������t���@ت��+E6T�!����#�u�UR��N��+ ��.3]�x��W�l4D$)��\�!��N8g�kc~�9�˛�������>�^��R֧� 0�De��YQ)�#��ށ�er%�dt����)����E�n�����������y�@������B��(��.�� �� V���� �udf���,F���sBW��#� ���}�z�x�g�8�XY�}�t�o��B��djO ���Z��'�F�!�V ����zya,ihK~ǒ�,%H�;L���'b��8�T���&��*�i���G�G�Pf��3}['�N&Ŀ|��E�67S=�;�m�m�_0H��*�4��lj\����4����u�}���#�v��-������qk���g6E�Ԍ#oϵ��J���=��Wy�Ƿ��Bf�F7C}��Z'�Wxm���g�@��o���19�gU��up]!z'��r§/֝36Ui2o�:�<�)F�����V���D���_Ao������@n���K��Jk�-1YRX�+˦A�jxi/��pg����/�1"���&F�X**�O�"�˷��)��1~�wb��T9T�$�}� ����rP2T#�\N��+�t��-��T��~ ,o1�=����V���EA�C/�#
Static task
static1
Behavioral task
behavioral1
Sample
c5a789a1439ceefd9990f60b91999b1187267eb1709a224ae687bed8463a3aa9.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c5a789a1439ceefd9990f60b91999b1187267eb1709a224ae687bed8463a3aa9.exe
Resource
win10-20220812-en
General
-
Target
c5a789a1439ceefd9990f60b91999b1187267eb1709a224ae687bed8463a3aa9
-
Size
2.6MB
-
MD5
5cc869a817b715c159ead8fbf935f605
-
SHA1
bfd3ab07cf3d6fbd65919526c8324d5e16955621
-
SHA256
c5a789a1439ceefd9990f60b91999b1187267eb1709a224ae687bed8463a3aa9
-
SHA512
516044436ddc83a4ef24eaffaabdd309b3687effe3a223043a4774266814bb82ef72bf183711eb979ce6845700c7bfaaddd22405fbb1ed1c22070e0c46c3d39b
-
SSDEEP
49152:iQ8Jt0z6z2bgJvzNY4Wax5syo1gKflMNCs7hxLeKP0Vnuctqb6y2WDtEElK:iPJt0O2bgv361x6tLcUuy2g3
Malware Config
Signatures
Files
-
c5a789a1439ceefd9990f60b91999b1187267eb1709a224ae687bed8463a3aa9.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Exports
Exports
Sections
Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 2KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 9.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pwkz Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE