Static task
static1
Behavioral task
behavioral1
Sample
05dfe87c32d050451714865d493614d6607ee4e69cc8dcd0e72dd31b4bb77d21.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
05dfe87c32d050451714865d493614d6607ee4e69cc8dcd0e72dd31b4bb77d21.exe
Resource
win10v2004-20220812-en
General
-
Target
05dfe87c32d050451714865d493614d6607ee4e69cc8dcd0e72dd31b4bb77d21
-
Size
48KB
-
MD5
d54a8a34315faf4bc1bab051ede3095e
-
SHA1
24cd0dbfa81bd3d5f644dd378d9cd4fe0a8c84ba
-
SHA256
05dfe87c32d050451714865d493614d6607ee4e69cc8dcd0e72dd31b4bb77d21
-
SHA512
ec549e88066391a904ec0b4469d04391b65e1468b1069243350a21345cc8eab0c96d0a9a97ff5b0bddb893ecada096ee9c94853a76ca2d04779d9d602b119d71
-
SSDEEP
768:yqUdSRAuIHgmyLfu4BvnGjSN99dD8wyGfw//kvgKJ:mLvgRS4BvGA9dD87Gf
Malware Config
Signatures
Files
-
05dfe87c32d050451714865d493614d6607ee4e69cc8dcd0e72dd31b4bb77d21.exe windows x86
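3288763e7a3c1a33d884826a4610162b (unlabelled in the report; it differs from the file MD5 listed above and is presumably the PE import hash — confirm against the original report before pivoting on it)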
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord3318
ord5442
ord354
ord5186
ord6385
ord1979
ord665
ord823
ord356
ord2770
ord668
ord825
msvcrt
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
malloc
free
_snprintf
atol
sprintf
__p__fmode
_mbscmp
_findnexti64
_findclose
strstr
memcmp
printf
__CxxFrameHandler
strlen
_mbsnbcpy
__set_app_type
_except_handler3
strcat
fopen
fread
fclose
strcpy
fwrite
memset
strncpy
memcpy
_findfirsti64
_controlfp
_ltoa
kernel32
HeapAlloc
HeapFree
GetProcessHeap
lstrlenA
GetDiskFreeSpaceA
lstrcpyA
FileTimeToLocalFileTime
FindClose
GetLastError
FindNextFileA
FindFirstFileA
lstrcatA
Sleep
lstrcmpA
GetModuleHandleA
CreateMutexA
CreateThread
WinExec
GetTickCount
MoveFileA
GetModuleFileNameA
GetSystemDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetTempFileNameA
GetVersion
CreatePipe
GetStartupInfoA
WaitForSingleObject
DeleteFileA
WriteFile
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CreateProcessA
CloseHandle
GetLogicalDriveStringsA
lstrcpynA
GetDriveTypeA
GetCurrentDirectoryA
user32
wsprintfA
advapi32
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
msvcp60
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
shlwapi
StrRChrA
StrStrA
StrToIntA
StrChrA
ws2_32
setsockopt
recv
WSAGetLastError
connect
inet_ntoa
gethostbyname
inet_addr
htons
socket
WSACleanup
WSAStartup
send
gethostname
closesocket
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ