Static task
static1
Behavioral task
behavioral1
Sample
97d2e7808984018dd0cd0fbaa1232bd5c42c9cd042a317ca04e0fc2d0881f6cf.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
97d2e7808984018dd0cd0fbaa1232bd5c42c9cd042a317ca04e0fc2d0881f6cf.exe
Resource
win10v2004-20220812-en
General
-
Target
97d2e7808984018dd0cd0fbaa1232bd5c42c9cd042a317ca04e0fc2d0881f6cf
-
Size
569KB
-
MD5
47d29a97289704e931ca178ff524c806
-
SHA1
987e79053216acb7b225fe23c026a578ab69738b
-
SHA256
97d2e7808984018dd0cd0fbaa1232bd5c42c9cd042a317ca04e0fc2d0881f6cf
-
SHA512
994e19555be3e6db8c9db1ce4c802185740c6b1b3e5ea7a9e56229ade8c2e7c75edab0636862a939c92f966b1aad31b050aae8304ee2549c8a69acef97c41edc
-
SSDEEP
12288:QLSLyjBftSM5D2gdvfSS2GIIyJ8b/hhL9n7FEH:9LyjBfIA70GQ8b/DL9n6H
Malware Config
Signatures
Files
-
97d2e7808984018dd0cd0fbaa1232bd5c42c9cd042a317ca04e0fc2d0881f6cf.exe windows x86
a51fa66aefc8e232e5060b01bba8da04
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadFile
GetSystemDirectoryA
GlobalUnlock
GetStdHandle
GetLastError
GetProcAddress
LoadLibraryA
GetConsoleScreenBufferInfo
EnumDateFormatsA
FindFirstChangeNotificationA
FillConsoleOutputAttribute
GetVersionExA
CloseHandle
GetCurrentProcessId
GetProcessHeap
SetEndOfFile
HeapReAlloc
HeapSize
FlushFileBuffers
SetStdHandle
WriteConsoleW
SetFilePointer
GetFileAttributesW
Sleep
GetStringTypeW
GlobalAlloc
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
LoadLibraryW
DeleteCriticalSection
HeapFree
GetConsoleMode
GetConsoleCP
LCMapStringW
WideCharToMultiByte
RtlUnwind
InitializeCriticalSectionAndSpinCount
SetConsoleCursorPosition
FindCloseChangeNotification
WaitForSingleObject
GlobalLock
GetCurrentProcess
HeapAlloc
GetFileSize
LeaveCriticalSection
EnterCriticalSection
HeapCreate
GetModuleFileNameW
CreateFileW
WriteFile
GetCurrentThreadId
SetLastError
CreateFileA
GetSystemTimeAsFileTime
FillConsoleOutputCharacterA
TlsFree
TlsSetValue
MultiByteToWideChar
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
user32
EndDeferWindowPos
DestroyWindow
GetUserObjectInformationA
GetWindowRect
IsMenu
IsIconic
GetKeyState
LoadStringA
GetClientRect
GetWindowTextLengthA
SendMessageA
GetMenu
SetWindowLongA
GetWindowLongA
GetClassNameW
SendDlgItemMessageW
GetMenuItemInfoA
LoadAcceleratorsA
CreateDialogParamW
GetMenuItemCount
DeferWindowPos
GetSystemMetrics
comdlg32
ChooseColorA
advapi32
CredEnumerateA
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
DeleteService
shell32
SHGetFileInfoA
ole32
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
OleSavePictureFile
msacm32
acmDriverDetailsA
acmMetrics
comctl32
ImageList_Create
dbghelp
EnumerateLoadedModules
Sections
.text Size: 447KB - Virtual size: 446KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sidata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tss Size: 512B - Virtual size: 223B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ