Static task: static1
Behavioral task: behavioral1
Sample: 4f1c9a8a15bb2f699cd26dfcd70bd6b099647fdbef07ee27a01e79abc5febad6.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 4f1c9a8a15bb2f699cd26dfcd70bd6b099647fdbef07ee27a01e79abc5febad6.exe
Resource: win10v2004-20220812-en
General
Target: 4f1c9a8a15bb2f699cd26dfcd70bd6b099647fdbef07ee27a01e79abc5febad6
Size: 281KB
MD5: 4e8434c1e41d49b2687a51431bd1fcb0
SHA1: db708f6a35f58def8e94cd105272dfb38a788014
SHA256: 4f1c9a8a15bb2f699cd26dfcd70bd6b099647fdbef07ee27a01e79abc5febad6
SHA512: b838f668d0ac82939461bf73a41edeb192430b8fc1360f827d247861d314880f2ad5f71ea2c9d7a4f40af5b4420034da2330e25440737cf728dfd5ceb7b5cc27
SSDEEP: 6144:a4SFWQ/OkaCowq/cXH4DDvYAENlgE2Kmgh:a44qkalNc34PkNlgEzJh
Malware Config
Signatures
Files
4f1c9a8a15bb2f699cd26dfcd70bd6b099647fdbef07ee27a01e79abc5febad6.exe windows x86
7c327ac5897341697656a495e9cde1ac
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
GetProcAddress
LoadLibraryA
FindNextFileA
FindNextChangeNotification
SetUnhandledExceptionFilter
CreateThread
VirtualProtect
GetLastError
GetComputerNameA
LocalAlloc
GlobalUnlock
VirtualAlloc
GetDriveTypeA
CopyFileA
LoadResource
GetSystemTimeAdjustment
GetCurrentThreadId
InitializeCriticalSection
InterlockedIncrement
Sleep
WriteFileGather
InterlockedDecrement
ReleaseMutex
FindResourceA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sections
.text Size: 237KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ