Static task: static1
Behavioral task: behavioral1
Sample: CE24E842B83F8A3A8F0D85A6F153C3B4C8B83361F6464.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: CE24E842B83F8A3A8F0D85A6F153C3B4C8B83361F6464.exe
Resource: win10v2004-20220812-en
General
Target: CE24E842B83F8A3A8F0D85A6F153C3B4C8B83361F6464.exe
Size: 839KB
MD5: 74fc043f77dfa007e19afb424c59abcf
SHA1: 0d373b5fcf9e6fcf7320f1fccb52971d8b566c48
SHA256: ce24e842b83f8a3a8f0d85a6f153c3b4c8b83361f646498e47b55a1d51110a76
SHA512: 12070bbd98730763d5cb5db575b66513ed06852f5b1d5d1f8376deace8943c68afabeb2113453f874294f24e693cda2bdaad68be44ce99afa1ea554809eae170
SSDEEP: 12288:Xi5HT/+cmRO5fZ6RhPdRVBeFPe8jnA1Mhnqx9etxDrPEOsjDduCOOL:4YOj6RjRVBeHj8nYTjEOsjxuNy
Malware Config
Signatures
Files
CE24E842B83F8A3A8F0D85A6F153C3B4C8B83361F6464.exe.exe windows x86
7364064dd132b4d512c254b1e8fe9ea2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenMutexW
GetCurrentProcess
GetNamedPipeHandleStateW
GetQueuedCompletionStatus
FillConsoleOutputCharacterW
EnumSystemCodePagesA
LocalUnlock
GetVolumeNameForVolumeMountPointW
WriteConsoleInputA
EnumDateFormatsW
FindNextFileA
CopyFileExA
BuildCommDCBAndTimeoutsW
VerifyVersionInfoA
VirtualLock
SetFileApisToOEM
UnlockFile
GetProfileSectionA
VerifyVersionInfoW
IsSystemResumeAutomatic
GetProcessPriorityBoost
GlobalGetAtomNameW
DeleteFileA
FindNextVolumeMountPointW
TlsSetValue
LoadResource
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
OpenEventA
GetModuleHandleA
GetSystemDirectoryW
GetDriveTypeW
BuildCommDCBAndTimeoutsA
GetShortPathNameW
ReleaseActCtx
DeleteFileW
GetCommandLineA
InterlockedExchange
CopyFileW
CreateActCtxW
FormatMessageW
GetModuleFileNameA
EnterCriticalSection
FindNextVolumeW
GetExitCodeThread
LoadLibraryA
CreateNamedPipeW
GetUserDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionW
AddAtomA
InterlockedDecrement
HeapSize
_hread
InterlockedCompareExchange
GetStartupInfoA
CreateMailslotA
GetCPInfoExW
GetSystemWow64DirectoryW
SetLastError
GetPrivateProfileIntW
GetConsoleAliasExesLengthA
DebugBreak
EndUpdateResourceW
GetTickCount
VirtualQuery
DeleteVolumeMountPointA
OpenFileMappingA
GetModuleHandleW
GetDefaultCommConfigA
VirtualAlloc
TerminateThread
GetACP
CreateIoCompletionPort
GetDiskFreeSpaceExA
DefineDosDeviceA
GetExitCodeProcess
EnumResourceTypesA
SetConsoleTextAttribute
GlobalGetAtomNameA
IsProcessInJob
MoveFileA
lstrcpynW
WriteConsoleA
GetProcAddress
lstrcatA
LoadLibraryW
WriteConsoleOutputA
GetStartupInfoW
FoldStringW
WritePrivateProfileStringW
SetHandleInformation
WritePrivateProfileStructW
DeleteCriticalSection
GetFileAttributesA
GetCurrentActCtx
CopyFileA
CancelDeviceWakeupRequest
ResetEvent
LockFile
MoveFileW
DisableThreadLibraryCalls
GetOverlappedResult
GetCommState
FormatMessageA
InterlockedExchangeAdd
GlobalAlloc
SetThreadPriorityBoost
SetFileShortNameA
GetFileAttributesW
SetCalendarInfoW
ConvertFiberToThread
SetComputerNameW
GetConsoleAliasesW
EnumDateFormatsExW
SetTimeZoneInformation
SetConsoleOutputCP
MoveFileWithProgressW
GetStdHandle
SetLocalTime
GetStringTypeW
EnumSystemLocalesW
DeactivateActCtx
CreateMemoryResourceNotification
OpenSemaphoreA
GetModuleHandleExA
SetFileTime
GetFileType
UnhandledExceptionFilter
GetProcessShutdownParameters
lstrcpynA
GlobalUnWire
FillConsoleOutputCharacterA
GetCompressedFileSizeW
ReadConsoleA
MapUserPhysicalPages
WriteConsoleOutputCharacterW
OpenJobObjectW
CreateFileA
SetTimerQueueTimer
GetConsoleAliasesLengthA
SetUnhandledExceptionFilter
RaiseException
HeapValidate
IsBadReadPtr
LeaveCriticalSection
GetModuleFileNameW
TerminateProcess
IsDebuggerPresent
GetLastError
SetFilePointer
SetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
Sleep
InterlockedIncrement
ExitProcess
SetHandleCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsFree
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapAlloc
HeapReAlloc
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
FlushFileBuffers
GetConsoleOutputCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetLocaleInfoA
CloseHandle
ReadFile
user32
CharUpperA
Sections
.text Size: 230KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 588KB - Virtual size: 6.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ