Static task
static1
Behavioral task
behavioral1
Sample
a091119da8a9a37f78543e103e0c6ec1d5dd1a778906415a01ec13bd71f6f3c4.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a091119da8a9a37f78543e103e0c6ec1d5dd1a778906415a01ec13bd71f6f3c4.exe
Resource
win10v2004-20220812-en
General
- Target: a091119da8a9a37f78543e103e0c6ec1d5dd1a778906415a01ec13bd71f6f3c4
- Size: 576KB
- MD5: 4ae2bf555d5f9dfbd2e34a9c5cfd6026
- SHA1: 0383fed70a79e217cacb9b0f18653d15f5311017
- SHA256: a091119da8a9a37f78543e103e0c6ec1d5dd1a778906415a01ec13bd71f6f3c4
- SHA512: 33e6c7552cede015eec0c6246ace7989447e55344ef9af7d2c14bfa5506db8c7c93b60983d26ad04cd17d77453a91772bf797402f674f2430f74888cea1f8bf8
- SSDEEP: 6144:Oh+HjfSmfhAU4Wp+cBS7vyVElW8EknuGgslVFwlhB0ZIY4PJg:OgHjfh5AU3UcBCKYnr3cl2r4PJ
Malware Config
Signatures
Files
-
a091119da8a9a37f78543e103e0c6ec1d5dd1a778906415a01ec13bd71f6f3c4.exe windows x86
9314ef342e5cc7178a2850d621af13c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
ws2_32
htons
htonl
ntohs
msi
ord72
ord113
ord141
ord88
ord94
ord8
setupapi
SetupGetStringFieldW
SetupGetFieldCount
SetupFindFirstLineW
SetupCloseInfFile
SetupFindNextLine
SetupGetIntField
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
SetupDiChangeState
SetupGetLineCountW
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
CMP_WaitNoPendingInstallEvents
SetupCopyOEMInfW
SetupDiSetClassInstallParamsW
SetupGetLineTextW
SetupOpenInfFileW
rpcrt4
RpcStringFreeW
UuidToStringW
winspool.drv
ClosePrinter
GetPrinterDriverDirectoryW
EnumPrintersW
EnumPrintProcessorsW
ord204
OpenPrinterW
DocumentPropertiesW
kernel32
GlobalFlags
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
WritePrivateProfileStringW
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
DeleteCriticalSection
GetFullPathNameW
SetErrorMode
GetFileTime
GetStartupInfoW
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetCurrentProcessId
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
CreateProcessA
GetFileAttributesA
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSection
RaiseException
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
lstrcpyW
GlobalAlloc
FormatMessageW
LocalFree
InterlockedDecrement
lstrcpynW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenW
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcmpiW
GetComputerNameW
GetSystemDefaultLangID
GetPrivateProfileStringW
LoadLibraryExW
GetProcessHeap
HeapAlloc
HeapFree
GetVersionExW
lstrcatW
ConnectNamedPipe
CreateNamedPipeW
MoveFileExW
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
SetLastError
GetFileSize
ReadFile
WriteFile
GetOverlappedResult
CreateFileW
SetCurrentDirectoryW
TerminateProcess
CreateProcessW
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
OpenProcess
CloseHandle
WaitForSingleObject
CreateEventW
CreateThread
SetEvent
GetWindowsDirectoryW
FindClose
GetCurrentDirectoryW
CopyFileW
CreateDirectoryW
GetLastError
FindFirstFileW
GetFileAttributesW
FindNextFileW
Sleep
RemoveDirectoryW
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemDirectoryW
SetFileAttributesW
DeleteFileW
GetVolumeInformationW
user32
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
wsprintfW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
SetCursor
LoadCursorW
KillTimer
SetTimer
LoadStringW
LoadIconW
SendMessageW
PostThreadMessageW
RegisterClipboardFormatW
EnableWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
GetMessagePos
SetRect
IsRectEmpty
CharNextW
CharUpperW
ReleaseCapture
SetCapture
DestroyMenu
MessageBoxW
gdi32
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
Escape
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateFontW
SelectObject
comdlg32
GetFileTitleW
advapi32
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegEnumValueW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
InitiateSystemShutdownW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
StartServiceW
QueryServiceStatus
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegOpenKeyExW
RegCloseKey
RegCreateKeyW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
ImpersonateSelf
OpenThreadToken
RegSetValueExW
shell32
ShellExecuteW
comctl32
ord17
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CreateILockBytesOnHGlobal
CoInitialize
CoCreateInstance
CoCreateGuid
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
StgCreateDocfileOnILockBytes
CoTaskMemFree
oleaut32
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocString
OleCreateFontIndirect
Sections
- .text  Size: 228KB - Virtual size: 227KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata  Size: 76KB - Virtual size: 72KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 16KB - Virtual size: 42KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 164KB - Virtual size: 161KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- w��9Ab  Size: 88KB - Virtual size: 88KB (section name is not valid text in the report)
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE