IcmpCloseHandle
IcmpCreateFile
IcmpParseReplies
IcmpSendEcho
IcmpSendEcho2
do_echo_rep
do_echo_req
register_icmp
Static task
static1
Behavioral task
behavioral1
Sample
Ipconfig.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Ipconfig.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
icmp.dll
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
icmp.dll
Resource
win10v2004-20220901-en
Behavioral task
behavioral5
Sample
iertutil.dll
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
iertutil.dll
Resource
win10v2004-20220812-en
Target
f9fe1005cfadc5847e420de9eafe4e87d94d8b7adc1b9d07af6b84446e33c2e4
Size
674KB
MD5
c69191031fe2ca0b28b01f63cb10a95d
SHA1
16e097b8be25e30eea196e684952dd154bbbd435
SHA256
f9fe1005cfadc5847e420de9eafe4e87d94d8b7adc1b9d07af6b84446e33c2e4
SHA512
d0b633a83b95b14273de5966201160892c1360da6c89d17fcce78762cd0c8b26d52e7fee376d39cc766feeab7699ac5a02c317c25f107fd23b5570c738554455
SSDEEP
12288:/0PHETIZo192upjrSJsbUky2j64m46OLOv9krk9Muj92wYgcur6BvYDWwWaYuJ:sM91FbJ4mLOvB9MRwY+0vY6LM
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
wcschr
_wcsicmp
_get_osfhandle
fflush
_setmode
_write
fgetpos
fwprintf
__setusermatherr
__iob_func
__p__fmode
_cexit
_exit
__set_app_type
__wgetmainargs
_amsg_exit
_fileno
__p__commode
_initterm
?terminate@@YAXXZ
toupper
_controlfp
_except_handler4_common
_XcptFilter
exit
memcpy
setlocale
_vsnwprintf
memset
GetProcAddress
LoadLibraryExW
GetModuleHandleW
FreeLibrary
ConvertInterfaceLuidToGuid
GetNetworkParams
ConvertInterfaceIndexToLuid
ConvertInterfaceLuidToNameW
ConvertGuidToStringW
GetCurrentThreadCompartmentId
GetAdaptersAddresses
SetCurrentThreadCompartmentId
ConvertLengthToIpv4Mask
LocalAlloc
LocalFree
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RtlIpv6AddressToStringW
RtlStringFromGUID
RtlIpv6AddressToStringExW
RtlIpv4AddressToStringExW
RtlFreeUnicodeString
GetTickCount
GetComputerNameExW
GetSystemTimeAsFileTime
FormatMessageW
SetThreadUILanguage
InetNtopW
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
DnsGetCacheDataTable
DnsFlushResolverCache
DnsResolverOp
DnsQuery_W
DnsQueryConfigAllocEx
DnsFree
DnsFreeConfigStructure
HeapSetInformation
GetProcessHeap
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
GetConsoleMode
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
QueryPerformanceCounter
NsiFreeTable
NsiGetAllParameters
NsiSetAllParameters
NsiAllocateAndGetTable
DhcpEnumClasses
DhcpAcquireParameters
DhcpHandlePnPEvent
DhcpReleaseParameters
Dhcpv6IsEnabled
Dhcpv6ReleaseParameters
Dhcpv6GetUserClasses
Dhcpv6SetUserClass
Dhcpv6AcquireParameters
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
GetEnvironmentVariableW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IcmpCloseHandle
IcmpCreateFile
IcmpParseReplies
IcmpSendEcho
IcmpSendEcho2
do_echo_rep
do_echo_req
register_icmp
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
wcstok_s
isxdigit
iswcntrl
_itow_s
iswascii
wcstod
bsearch
iswdigit
realloc
iswpunct
isalpha
_snwprintf_s
wcschr
memmove
iswalnum
wcstoul
memcpy
strstr
wcsncpy_s
memcmp
_except_handler4_common
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
isspace
wcsstr
_CxxThrowException
_unlock
_lock
_initterm
?what@exception@@UBEPBDXZ
malloc
free
toupper
_amsg_exit
_XcptFilter
_wcsicmp
swprintf_s
iswxdigit
wcsncat_s
wcscpy_s
strncmp
wcsnlen
wcscat_s
wcsrchr
wcstol
_wcsnicmp
memmove_s
_errno
wcscspn
_wcslwr_s
wcsncmp
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
_wcslwr
iswspace
??0exception@@QAE@XZ
_vsnprintf_s
memcpy_s
??1exception@@UAE@XZ
__CxxFrameHandler3
iswalpha
_vsnwprintf
memset
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
WaitForSingleObjectEx
WaitForSingleObject
OpenSemaphoreW
CreateMutexExW
CreateSemaphoreExW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitializeCriticalSection
ReleaseMutex
InitializeSRWLock
AcquireSRWLockExclusive
AcquireSRWLockShared
InitializeCriticalSectionEx
ReleaseSRWLockExclusive
ReleaseSRWLockShared
CoCreateInstance
CoCreateFreeThreadedMarshaler
StringFromGUID2
CoRevertToSelf
CLSIDFromString
CoGetApartmentType
CoTaskMemFree
CoInitializeEx
CoCreateGuid
CoTaskMemAlloc
CoGetInterfaceAndReleaseStream
CoUninitialize
CoGetClassObject
CoImpersonateClient
IIDFromString
CoMarshalInterThreadInterfaceInStream
GetModuleFileNameW
LoadStringW
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
DisableThreadLibraryCalls
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
GetLastError
SetLastError
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
RoGetActivationFactory
IsDBCSLeadByteEx
GetUserDefaultLocaleName
GetLocaleInfoEx
FormatMessageW
IdnToAscii
IdnToUnicode
LCMapStringW
GetThreadId
TerminateProcess
TlsAlloc
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
OpenProcessToken
GetCurrentThread
TlsFree
TlsGetValue
GetProcessId
TlsSetValue
OpenThreadToken
OpenThread
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
DebugBreak
OutputDebugStringW
IsDebuggerPresent
OutputDebugStringA
DuplicateHandle
CloseHandle
InitOnceExecuteOnce
Sleep
InitOnceComplete
SleepConditionVariableSRW
InitOnceBeginInitialize
WakeAllConditionVariable
EventUnregister
EventRegister
EventProviderEnabled
EventWriteEx
EventWriteTransfer
EventSetInformation
VirtualProtect
CreateFileMappingW
UnmapViewOfFile
ReadProcessMemory
MapViewOfFile
MapViewOfFileEx
OpenFileMappingW
VerSetConditionMask
CloseThreadpoolTimer
TrySubmitThreadpoolCallback
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
LocalReAlloc
GlobalFree
GlobalAlloc
LocalAlloc
LocalFree
GetDiskFreeSpaceExW
CompareFileTime
CreateFileW
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetVersionExA
GetTickCount
GlobalMemoryStatusEx
GetWindowsDirectoryW
GetVersionExW
QuirkIsEnabled
RegCreateKeyExW
RegGetValueW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
SetEnvironmentVariableW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
ConvertSidToStringSidW
AddAccessAllowedAce
CreateRestrictedToken
CheckTokenMembership
DuplicateTokenEx
GetSecurityDescriptorSacl
GetAce
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetSidSubAuthorityCount
FreeSid
DeleteAce
AddAccessAllowedAceEx
GetSidIdentifierAuthority
GetSidSubAuthority
SetSecurityDescriptorSacl
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
GetKernelObjectSecurity
GetAclInformation
SetTokenInformation
AllocateAndInitializeSid
GetSidLengthRequired
SetKernelObjectSecurity
GetLengthSid
AddMandatoryAce
DuplicateToken
AddAce
InitializeSid
CreateWellKnownSid
EqualSid
CopySid
GetTokenInformation
K32GetModuleFileNameExW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW
QueryPerformanceFrequency
QueryPerformanceCounter
VerifyVersionInfoW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
PathIsUNCW
PathFindFileNameW
PathSkipRootW
PathFileExistsW
StrCmpNICW
StrChrNW
StrCmpNW
StrStrIW
StrDupW
StrCmpICW
StrStrW
StrChrW
StrTrimW
lstrcmpW
lstrcmpA
lstrlenW
lstrlenA
Module32FirstW
CreateToolhelp32Snapshot
RtlIpv6StringToAddressExW
RtlIpv4StringToAddressExW
RtlIpv6AddressToStringExW
RtlGetSuiteMask
RtlImageNtHeaderEx
RtlQueryPackageClaims
NtQuerySystemInformation
RtlIpv4AddressToStringExW
RaiseFailFastException
PathAllocCanonicalize
PathCchAppend
PathCchRemoveFileSpec
PathCchCombineEx
CreateFile2
OpenProcess
CompareStringW
CompareStringOrdinal
MultiByteToWideChar
GetStringTypeExW
WideCharToMultiByte
IsWow64Process
CharLowerW
LoadLibraryA
DecodePointer
EncodePointer
ResolveDelayLoadedAPI
DelayLoadFailureHook
RegisterWaitForSingleObject
UnregisterWait
ReportEventW
DeregisterEventSource
RegisterEventSourceW
SHStrDupW
GlobalReAlloc
GetStringScripts
VerifyScripts
CreateIUriBuilder
CreateStringHashN
CreateUri
CreateUriFromMultiByteString
CreateUriPriv
CreateUriWithFragment
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
FastMimeGetFileExtension
FastMimeGetIsMimeFilterEnabled
FastMimeLookupKnownType
FastMimeSetIsMimeFilterEnabled
GetIDNSettingsForIE
GetIUriPriv
GetIUriPriv2
GetPortFromUrlScheme
GetPropertyFromName
GetPropertyName
IEGetFrameUtilExports
IEGetProcessModule
IEGetTabWindowExports
IUriBuilderInternalCreateDomain
ImpersonateUser
IntlPercentEncodeNormalize
IsDWORDProperty
IsStringProperty
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback
PrivateCoInternetCanonicalizeIUri
PrivateCoInternetCombineIUri
PrivateCoInternetParseIUri
ResetIDNLanguageData
ResetIEExtensibility
ResetIERegistrySettings
RetiredOrdinal
RevertImpersonate
UriFromHostAndScheme
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ