Static task
static1
Behavioral task
behavioral1
Sample
cabb21533925446e9e6124e1524a82598fa3e5318264bdb0620aeb7ceaa72eec.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
cabb21533925446e9e6124e1524a82598fa3e5318264bdb0620aeb7ceaa72eec.exe
Resource
win10v2004-20220901-en
General
Target
cabb21533925446e9e6124e1524a82598fa3e5318264bdb0620aeb7ceaa72eec
Size
455KB
MD5
309cd4b5dbd604abfdc863469cad1c20
SHA1
f628c9b0772eb5e5ec40ab49f7bd00b26e963a63
SHA256
cabb21533925446e9e6124e1524a82598fa3e5318264bdb0620aeb7ceaa72eec
SHA512
43d92af82f1591f18080f2dd61712aad84b14b2f44fbf0a9b44a45fbb58378966fa33d47818ef99a8fb590871b3ca667d11b94814b6c558b5aa4f7092cd627bd
SSDEEP
12288:5QrXhMis79+EbyPoZFWzmvD8QWw+U6vRBH8xv8gAy:chnEblTWivSwEUO
Malware Config
Signatures
Files
cabb21533925446e9e6124e1524a82598fa3e5318264bdb0620aeb7ceaa72eec.exe windows x86
80451f8fac72313ff6a50d88253cfe65
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareStringA
GetSystemInfo
WritePrivateProfileSectionA
SetLocaleInfoW
GetLocaleInfoA
GlobalUnlock
HeapAlloc
LoadLibraryA
TlsSetValue
LeaveCriticalSection
WideCharToMultiByte
GetProfileSectionA
LocalAlloc
EnterCriticalSection
TlsFree
TlsGetValue
CompareStringW
GetStdHandle
GetStringTypeA
SetThreadLocale
SetLastError
GetACP
GetStringTypeW
GetCPInfo
LocalCompact
GetUserDefaultLCID
VirtualFree
GetStartupInfoA
GetProcAddress
VirtualProtect
GetLocaleInfoW
HeapFree
FlushFileBuffers
FreeEnvironmentStringsW
WriteConsoleOutputCharacterA
GetVersionExA
VirtualQuery
LCMapStringW
HeapCreate
SetEnvironmentVariableA
DeleteCriticalSection
HeapDestroy
UnhandledExceptionFilter
GetLastError
HeapReAlloc
LCMapStringA
ExitProcess
GetFullPathNameA
CreateEventA
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
IsBadWritePtr
GetModuleHandleA
GetEnvironmentStrings
HeapSize
InitializeCriticalSection
GetCurrentThreadId
SetHandleCount
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
IsValidCodePage
EnumSystemLocalesA
EnumResourceNamesW
GetTickCount
GetTimeZoneInformation
GetCurrentThread
GetDateFormatA
TlsAlloc
MultiByteToWideChar
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
InterlockedExchange
IsValidLocale
SetConsoleCtrlHandler
GetOEMCP
GetFileType
GetSystemTime
GetTimeFormatA
advapi32
RegCreateKeyExA
RegSetKeySecurity
CryptSetProviderW
RegDeleteValueW
CryptExportKey
CryptEnumProvidersW
CryptDuplicateHash
LookupPrivilegeDisplayNameA
CryptGetDefaultProviderA
RegNotifyChangeKeyValue
LookupPrivilegeValueA
shell32
ShellAboutW
SHGetSpecialFolderLocation
ExtractIconExA
DoEnvironmentSubstW
SHGetNewLinkInfo
user32
GetGuiResources
EnumChildWindows
AppendMenuA
InvalidateRect
OpenIcon
OpenWindowStationW
GetClipboardSequenceNumber
DrawTextW
GetShellWindow
Sections
.text Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 310KB - Virtual size: 309KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ