Static task: static1
Behavioral task: behavioral1
  Sample: ca822014ca696d0e23b01c366d04b32bedf5a6059ef51dfd686cbcbcf28c4c49.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: ca822014ca696d0e23b01c366d04b32bedf5a6059ef51dfd686cbcbcf28c4c49.exe
  Resource: win10v2004-20220812-en
General
Target: ca822014ca696d0e23b01c366d04b32bedf5a6059ef51dfd686cbcbcf28c4c49
Size: 100KB
MD5: 787b7623591fdac2f45646373df085ee
SHA1: cd76c2ec253a5d26032a211d918436c93d2a478e
SHA256: ca822014ca696d0e23b01c366d04b32bedf5a6059ef51dfd686cbcbcf28c4c49
SHA512: e1f35811bbb719887cd36e206de1ed158527343b665ac0790d05f917c691fc59ad7f3cf07a962b74d2897c3d611288228073a6c4c3fe3094a437b3ae91eb1ba0
SSDEEP: 3072:+8XjXZavI9oUvdGmxZesJk4qXxcWtfbGHJDqKZ:7zXZqU0masExcYfKHE
Malware Config
Signatures
Files
ca822014ca696d0e23b01c366d04b32bedf5a6059ef51dfd686cbcbcf28c4c49.exe windows x86
abc6fcf5bb051932ddaafeb633b9d10d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetModuleHandleA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
lstrlenW
OpenProcess
GlobalAlloc
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
lstrlenA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
Sleep
VirtualAlloc
lstrcmpiA
GlobalFree
WriteFile
CloseHandle
HeapFree
VirtualFree
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapSize
user32
wsprintfW
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExA
winmm
timeGetTime
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 908B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ