Static task: static1
Behavioral task: behavioral1
Sample: 29b9b0eec230a9e460df3869bb158359332e2aa2fef54cd4e61c09a52357d37c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 29b9b0eec230a9e460df3869bb158359332e2aa2fef54cd4e61c09a52357d37c.exe
Resource: win10v2004-20220901-en
General
Target: 29b9b0eec230a9e460df3869bb158359332e2aa2fef54cd4e61c09a52357d37c
Size: 382KB
MD5: 1d1d41cfc5669506b9a23f6c1cb58d69
SHA1: be92070da0f6ec8c142f73f0a11f80335d1dbf3a
SHA256: 29b9b0eec230a9e460df3869bb158359332e2aa2fef54cd4e61c09a52357d37c
SHA512: 1bf7b67fb77b10a5ff3099084b51aa330308364e504d33bfaedb2124a13c28b082265622ae4c15de6dc9e89f459bf0de972659df1e1ffd155b4a48557c98b22a
SSDEEP: 6144:8uzVRMzCQ0TexdCoNSQwMOu/L5NY5k7paog+4gyA1H1zZsQ6psGeDkXMg:jzVRMzCQ2exdCGGMOu/iQtUA1A7R
Malware Config
Signatures
Files
29b9b0eec230a9e460df3869bb158359332e2aa2fef54cd4e61c09a52357d37c.exe windows x86
0fa587afdb8541260b0e92364e8aa1a7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
CreateMutexA
LocalSize
CreateEventA
GetCommandLineA
LocalFree
SuspendThread
GetPrivateProfileIntW
GetExitCodeProcess
GetEnvironmentVariableW
CloseHandle
GetStdHandle
GetModuleHandleW
GetACP
lstrlenA
GlobalFree
ReleaseMutex
WriteFile
ResetEvent
InterlockedExchange
advapi32
ClearEventLogW
CreateServiceA
ControlService
RegQueryValueW
CloseEventLog
RegCloseKey
RegDeleteValueA
RegCreateKeyExW
IsTextUnicode
IsValidSid
RegEnumKeyW
RegDeleteKeyA
IsValidSecurityDescriptor
devenum
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
hdwwiz.cpl
InstallNewDevice
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 416KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 372KB - Virtual size: 371KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ