Static task
static1
Behavioral task
behavioral1
Sample
4c35eeade83dd03a411e7c058a282d266870066835de96ef97ae47ca4db2e2db.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4c35eeade83dd03a411e7c058a282d266870066835de96ef97ae47ca4db2e2db.exe
Resource
win10v2004-20220812-en
General
Target
4c35eeade83dd03a411e7c058a282d266870066835de96ef97ae47ca4db2e2db
Size
1.2MB
Files
4c35eeade83dd03a411e7c058a282d266870066835de96ef97ae47ca4db2e2db.exe windows x86
32bf866838880aca67fab68fe6688546
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetLocalTime
WaitNamedPipeA
VirtualFree
WriteFile
HeapFree
VirtualAlloc
GetFileTime
GetSystemTime
ConnectNamedPipe
ReadFileScatter
DisconnectNamedPipe
FreeEnvironmentStringsA
HeapAlloc
HeapLock
SwitchToThread
GetThreadPriorityBoost
GetSystemInfo
lstrlenA
lstrcatA
SetFilePointer
GetSystemTimeAdjustment
HeapReAlloc
DeleteFileA
SetThreadPriorityBoost
CreateNamedPipeA
CreateFileA
WriteFileEx
ReadFile
CloseHandle
WaitForMultipleObjects
GetEnvironmentStringsA
FileTimeToDosDateTime
QueryDepthSList
GetStringTypeExA
GetEnvironmentVariableA
ExitProcess
SetEnvironmentVariableA
odbc32
SQLDescribeColA
SQLProcedureColumns
CursorLibLockDbc
SQLSetDescRec
SQLDriverConnectA
SQLTablePrivileges
CursorLibLockStmt
SQLDataSourcesA
SQLNativeSql
SQLColAttribute
SQLAllocStmt
SQLDescribeParam
SQLError
SQLNumParams
SQLDriverConnect
PostODBCComponentError
SQLSetStmtOption
SQLDataSources
SQLSetParam
SQLGetFunctions
SQLFreeEnv
SQLBrowseConnect
GetODBCSharedData
SQLColAttributes
SQLSetConnectAttr
SQLGetConnectAttr
VFreeErrors
SQLSetConnectOptionA
SQLNumResultCols
SQLGetCursorNameA
advpack
GetVersionFromFileEx
FileSaveRestore
NeedRebootInit
IsNTAdmin
CloseINFEngine
SetPerUserSecValues
DoInfInstall
user32
RegisterClassA
TranslateMessage
ShowWindow
EndPaint
DefWindowProcA
DispatchMessageA
CreateWindowExA
BeginPaint
SendMessageA
UpdateWindow
GetMessageA
DestroyWindow
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ