runme
stop
Static task
static1
Behavioral task
behavioral1
Sample
8735d4ed13c0bed617f8db84f6f118d2d7f13013ba5ed2c306c62d2f766e573b.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8735d4ed13c0bed617f8db84f6f118d2d7f13013ba5ed2c306c62d2f766e573b.dll
Resource
win10v2004-20220901-en
Target
8735d4ed13c0bed617f8db84f6f118d2d7f13013ba5ed2c306c62d2f766e573b
Size
545KB
MD5
6c4f41b99117eb39e6aeda2913af61a0
SHA1
c4c3c0e6204efbd3554c90a81d824f9b507c6efe
SHA256
8735d4ed13c0bed617f8db84f6f118d2d7f13013ba5ed2c306c62d2f766e573b
SHA512
c9871bcc2eb7407427c70ab80fd29700e8f441954deb265548089f1eebd8053b8a570648f31132499b26365c226727c29003893218cba21a5d548153a60808aa
SSDEEP
12288:ZG2QHUqPsmpyYpL6w25KuvIHZVYwmP9XdSV+:ZG2IsmBCsa3XdSV
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetProcAddress
GetModuleHandleA
GetLastError
CreateEventA
SetEvent
SetFileAttributesW
CreateDirectoryW
CreateDirectoryA
CreateProcessA
TerminateProcess
ReadFile
CreateFileA
SetFilePointer
WriteFile
GetTickCount
FindAtomA
GetCurrentProcess
CreateFileW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryW
HeapReAlloc
GetStringTypeW
lstrcmpiA
GetTempPathA
CloseHandle
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
EncodePointer
DecodePointer
MultiByteToWideChar
GetSystemTimeAsFileTime
RtlUnwind
HeapAlloc
RaiseException
HeapFree
GetCurrentThreadId
GetCommandLineA
LCMapStringW
GetCPInfo
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
VirtualQuery
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
FlushFileBuffers
CallNextHookEx
SetWindowsHookExA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjectsEx
UnhookWindowsHookEx
IsWindowVisible
EqualRect
GetFocus
GetBkColor
GetBkMode
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ