Static task: static1
Behavioral task: behavioral1
Sample: 9f6a6531d562ac0e577943cab72fd995241d1c651342183c8590998da6aad089.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9f6a6531d562ac0e577943cab72fd995241d1c651342183c8590998da6aad089.exe
Resource: win10v2004-20220901-en
General
Target: 9f6a6531d562ac0e577943cab72fd995241d1c651342183c8590998da6aad089
Size: 200KB
MD5: 689baf74691abfa4b69de84197f44fba
SHA1: 0332c9837cab67605d047cdec1622413299d853b
SHA256: 9f6a6531d562ac0e577943cab72fd995241d1c651342183c8590998da6aad089
SHA512: 52cdb97791360f25e3fff63baaac578171cc0c21dbe48b2c4d41316b68ce4699a658d61d687f3c4b2f133beb250298649d83828baf074b1620b201dbffc8f7e5
SSDEEP: 3072:To/GyHh5rHZEeyMW+7zMfbkyO6jUAORgxVImJXVVX73s7jeVQulf9lT:kOgh+T+HMj3jUAOROVIIF9c7qVNllZ
Malware Config
Signatures
Files
-
9f6a6531d562ac0e577943cab72fd995241d1c651342183c8590998da6aad089.exe windows x86
03f9489196f20d4a01c98d79d0e86793
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CryptDecodeObject
CertCloseStore
CertFreeCRLContext
CertDuplicateStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptEncodeObject
CertEnumCertificatesInStore
CryptFindOIDInfo
CertOpenStore
CertDuplicateCertificateContext
CryptQueryObject
CertEnumSystemStore
CertDeleteCertificateFromStore
CryptEnumOIDInfo
CertFindCRLInStore
CertGetEnhancedKeyUsage
CertSaveStore
CertGetCertificateContextProperty
CertGetNameStringW
CertControlStore
kernel32
LoadLibraryW
GlobalUnlock
GetCurrentProcess
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GlobalAlloc
FileTimeToLocalFileTime
OutputDebugStringW
GetLocaleInfoW
GetCPInfo
GetModuleHandleW
SetUnhandledExceptionFilter
GetDateFormatW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
IsBadReadPtr
FormatMessageW
WriteFile
GetModuleHandleA
lstrlenW
GetComputerNameW
GetStartupInfoA
DeleteCriticalSection
CloseHandle
GetLastError
InitializeCriticalSection
IsValidCodePage
MultiByteToWideChar
lstrcpyW
lstrcmpiW
LocalAlloc
LocalReAlloc
SetLastError
GetSystemDefaultLCID
GetEnvironmentStringsA
DeleteFileA
WideCharToMultiByte
GlobalFree
LocalFree
GetModuleFileNameW
FileTimeToSystemTime
OutputDebugStringA
CreateFileW
GlobalLock
QueryPerformanceCounter
msvcrt
wcscpy
wcscat
wcschr
mbstowcs
??2@YAPAXI@Z (MSVC-mangled: void * __cdecl operator new(unsigned int))
vswprintf
wcstoul
_onexit
_initterm
_adjust_fdiv
_wcsupr
__RTDynamicCast
??3@YAXPAX@Z (MSVC-mangled: void __cdecl operator delete(void *))
__dllonexit
?terminate@@YAXXZ (MSVC-mangled: void __cdecl terminate(void))
wcscmp
memmove
free
malloc
_wcsicmp
??1type_info@@UAE@XZ (MSVC-mangled: type_info::~type_info(void), virtual destructor)
wcslen
wcsstr
wcsrchr
_except_handler3
_purecall
ole32
StringFromCLSID
CreateStreamOnHGlobal
GetHGlobalFromStream
CoSetProxyBlanket
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
CoCreateInstanceEx
user32
SetWindowTextW
GetDlgItem
SetWindowLongW
SendMessageW
GetDlgItemTextA
DialogBoxParamW
ReleaseDC
SetFocus
PostMessageW
LoadStringW
GetDC
WinHelpW
LoadBitmapW
EnableWindow
GetParent
InsertMenuItemW
wsprintfW
RegisterClipboardFormatW
LoadCursorW
GetWindowLongW
SendDlgItemMessageW
LoadIconW
SetDlgItemTextW
MessageBoxW
SetCursor
LoadImageW
SystemParametersInfoW
EndDialog
gdi32
GetDeviceCaps
CreateFontIndirectW
DeleteObject
certcli
CAFindCertTypeByName
CAEnumNextCertType
CASetCertTypeKeySpec
CAGetCertTypeProperty
CAEnumCertTypes
CAFreeCAProperty
CACreateCertType
CAFreeCertTypeProperty
CACloseCA
CAUpdateCA
CASetCertTypeExtension
CASetCertTypeFlags
CAUpdateCertType
CACertTypeGetSecurity
CAAddCACertificateType
CACertTypeSetSecurity
CAFreeCertTypeExtensions
CAGetCertTypePropertyEx
CAFindByName
CASetCertTypeProperty
CAGetCAProperty
CAGetCertTypeExtensions
CAEnumCertTypesForCA
CARemoveCACertificateType
CACloseCertType
CAGetCertTypeFlags
CAGetCertTypeKeySpec
advapi32
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
comctl32
CreatePropertySheetPageW
PropertySheetW
cryptui
CryptUIDlgViewCRLW
CryptUIDlgSelectCertificateW
CryptUIWizExport
CryptUIDlgViewCertificateW
shell32
ShellExecuteW
ShellExecuteExW
rpcrt4
UuidCreate
Sections
.text Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mdata Size: 60KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ