Static task: static1
Behavioral task: behavioral1
  Sample: 979364ca0ce81425b1510c8bfdfefb4b4a43d0613404880f9e9b1d6eb736fcc5.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 979364ca0ce81425b1510c8bfdfefb4b4a43d0613404880f9e9b1d6eb736fcc5.exe
  Resource: win10v2004-20220812-en
General
Target: 979364ca0ce81425b1510c8bfdfefb4b4a43d0613404880f9e9b1d6eb736fcc5
Size: 460KB
MD5: 704d2bb710563c077ad71757e1da3173
SHA1: 71c2b3ae241a5bb32cc8d9306cd9c594122ab33f
SHA256: 979364ca0ce81425b1510c8bfdfefb4b4a43d0613404880f9e9b1d6eb736fcc5
SHA512: 0a81a89eee0378782005de3271774dceb3de21c2beaf2f962a5df30d3d01d4eb8b32298f66152ad44181d2547d6a4b9c47da9376d14cba316a73da8e16b48928
SSDEEP: 6144:lAEmVpiSrHz3g5jKLcS0PLUP0pCrJEATfKaTGmdDrh87bkf8bO9CVpAX4MYq:zmV9rH/OLUP3EA64uUYO9CvA9
Malware Config: (none listed)
Signatures: (none listed)
Files
979364ca0ce81425b1510c8bfdfefb4b4a43d0613404880f9e9b1d6eb736fcc5.exe (windows, x86)
  69878278ee9c5f35778fb5eb8d4afecf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathAppendA
SHSetValueA
SHGetValueA
kernel32
DeleteCriticalSection
TlsFree
FileTimeToSystemTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
FreeResource
SetErrorMode
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
ExitProcess
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
LocalReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateFileW
SetStdHandle
SetHandleCount
GetStdHandle
FatalAppExitA
SetConsoleCtrlHandler
GetConsoleCP
GetConsoleMode
VirtualFree
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetACP
GetTimeZoneInformation
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
GetAtomNameA
GlobalGetAtomNameA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
MoveFileA
GetCurrentProcessId
GlobalAddAtomA
SuspendThread
SetEvent
WaitForSingleObject
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalDeleteAtom
WaitForMultipleObjects
CreateEventA
ReleaseMutex
ReleaseSemaphore
CreateSemaphoreA
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
MultiByteToWideChar
InterlockedExchange
LoadLibraryA
GetProcAddress
GetModuleHandleA
lstrcatA
SetLastError
CreateMutexA
GetLastError
Sleep
DeleteFileA
RemoveDirectoryA
GetTempPathA
CreateFileA
GetModuleFileNameA
lstrlenA
WriteFile
CloseHandle
CreateProcessA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
ResumeThread
FreeLibrary
GetSystemTimeAsFileTime
SystemTimeToFileTime
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
CreateThread
user32
GetDialogBaseUnits
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GetMenuItemInfoA
InflateRect
UnregisterClassA
DestroyIcon
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
DeleteMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
wsprintfA
MessageBoxA
PostQuitMessage
GetMessageExtraInfo
GetClassNameA
DefWindowProcA
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetWindowTextLengthA
GetWindowTextA
UnhookWindowsHookEx
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
TranslateMessage
SetMessageExtraInfo
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
RegisterWindowMessageA
CharLowerA
CharLowerW
CharUpperA
CharUpperW
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
MsgWaitForMultipleObjects
gdi32
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectA
CreateRectRgnIndirect
EnumMetaFile
GetCurrentPositionEx
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetObjectType
PlayMetaFileRecord
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
SetRectRgn
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
ArcTo
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
shell32
ExtractIconA
SHGetFileInfoA
SHGetSpecialFolderPathA
SHGetFolderPathA
ShellExecuteA
ole32
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
OleDuplicateData
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoInitializeEx
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg
oleaut32
SafeArrayPutElement
VariantInit
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
VarDateFromStr
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
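The import table above is the most informative static artefact on this page. The script below is an added example, not the sandbox's code: it takes a subset of the listed imports (copied in report order), groups them into coarse capability tags, separates out names the MSVC C runtime imports on its own (IsDebuggerPresent, UnhandledExceptionFilter and friends are CRT baggage, not anti-debug evidence by themselves), and computes a pefile-style imphash. The tag table and the runtime-noise list are this example's own assumptions, and the imphash of the subset is not the value shown in the Files block, which covers the full import table.

```python
"""Turn a report's import list into capability tags and an imphash.
Added example for this report page, not the sandbox's own code. The
REPORT_IMPORTS subset is copied from the report in report order; the tag
table and the runtime-noise list are this example's own judgement."""
import hashlib

# Subset of the report's imports, as (dll, function), in the order listed.
REPORT_IMPORTS = [
    ("shlwapi", "SHSetValueA"), ("shlwapi", "SHGetValueA"),
    ("kernel32", "WritePrivateProfileStringA"),
    ("kernel32", "VirtualProtect"), ("kernel32", "VirtualAlloc"),
    ("kernel32", "IsDebuggerPresent"),
    ("kernel32", "MoveFileA"), ("kernel32", "CopyFileA"),
    ("kernel32", "LoadLibraryA"), ("kernel32", "GetProcAddress"),
    ("kernel32", "CreateMutexA"), ("kernel32", "DeleteFileA"),
    ("kernel32", "GetTempPathA"), ("kernel32", "CreateProcessA"),
    ("kernel32", "FindResourceA"), ("kernel32", "LoadResource"),
    ("advapi32", "RegSetValueExA"), ("advapi32", "RegCreateKeyExA"),
    ("advapi32", "RegDeleteKeyA"),
    ("shell32", "SHGetSpecialFolderPathA"), ("shell32", "ShellExecuteA"),
    ("ole32", "CoCreateInstance"),
]

# This example's own mapping from API names to coarse capabilities.
CAPABILITY_TAGS = {
    "process-launch": {"CreateProcessA", "CreateProcessW", "ShellExecuteA",
                       "ShellExecuteW", "WinExec"},
    "registry-write": {"RegSetValueExA", "RegSetValueA", "RegCreateKeyExA",
                       "RegCreateKeyA", "RegDeleteKeyA", "RegDeleteValueA",
                       "SHSetValueA"},
    "file-staging": {"GetTempPathA", "CopyFileA", "MoveFileA", "DeleteFileA",
                     "SHGetSpecialFolderPathA", "SHGetFolderPathA"},
    "ini-write": {"WritePrivateProfileStringA", "WritePrivateProfileStringW"},
    "dynamic-import": {"LoadLibraryA", "LoadLibraryW", "GetProcAddress"},
    "embedded-resource": {"FindResourceA", "LoadResource", "LockResource",
                          "SizeofResource"},
    "mutex": {"CreateMutexA", "CreateMutexW"},
    "com": {"CoCreateInstance", "CoInitializeEx"},
}
# Routinely imported by the MSVC C runtime itself; not evidence on their own.
RUNTIME_NOISE = {"IsDebuggerPresent", "UnhandledExceptionFilter",
                 "SetUnhandledExceptionFilter", "TerminateProcess", "RtlUnwind"}


def tag_imports(imports):
    """Group matching imports by capability; returns {tag: ['dll!Func', ...]}."""
    tags = {}
    for dll, func in imports:
        for tag, names in CAPABILITY_TAGS.items():
            if func in names:
                tags.setdefault(tag, []).append(f"{dll}!{func}")
    return tags


def weak_indicators(imports):
    """Names from RUNTIME_NOISE present in the list, so they can be discounted."""
    return sorted({func for _, func in imports if func in RUNTIME_NOISE})


def imphash(imports):
    """pefile-style imphash: md5 over 'dll.func' pairs, lower-cased, in import
    table order, with .dll/.ocx/.sys stripped from the module name. Ordinal
    imports are written as 'ordN' here; pefile additionally maps well-known
    ordinals (ws2_32, oleaut32) back to names, which this example does not."""
    parts = []
    for dll, func in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[: -len(ext)]
        func = f"ord{func}" if isinstance(func, int) else func.lower()
        parts.append(f"{dll}.{func}")
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


if __name__ == "__main__":
    for tag, hits in tag_imports(REPORT_IMPORTS).items():
        print(f"{tag:<18} {', '.join(hits)}")
    print("discount:", ", ".join(weak_indicators(REPORT_IMPORTS)))
    print("imphash of subset:", imphash(REPORT_IMPORTS))
```

Import order matters for the imphash (the test below shows that swapping two entries changes it), so feed it the table in the order the binary lists it, never a sorted or deduplicated view.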
Sections
.text   Size (raw): 344KB   Virtual size: 341KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata  Size (raw): 84KB    Virtual size: 82KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data   Size (raw): 12KB    Virtual size: 26KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc   Size (raw): 16KB    Virtual size: 14KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
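To reproduce the General, Headers and Sections blocks without pefile, the following added example (not the sandbox's code) parses the PE file header and section table with the Python standard library, decodes the IMAGE_FILE_* and IMAGE_SCN_* bits, computes the four digests, and applies two section-table checks an analyst runs by reflex: sections that are both writable and executable, and executable sections with no data on disk. build_demo_pe() constructs a headers-only PE32 image that mirrors this report's characteristics and section sizes and flags; it is a constructed stand-in, not the analysed sample. Note that .data having a 12KB raw size against a 26KB virtual size is normal (zero-initialised data is not stored on disk), which is why the empty-on-disk check is restricted to executable sections.

```python
"""Stdlib-only PE header triage: the hashes, file characteristics and
section flags a sandbox report prints, plus the W+X / empty-on-disk checks
an analyst runs on the section table. Added example for this report page,
not the sandbox's code; build_demo_pe() constructs a headers-only image that
mirrors the report's flags and sizes and is not the analysed sample."""
import hashlib
import struct

FILE_CHARACTERISTICS = {          # IMAGE_FILE_* bits from winnt.h
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {       # IMAGE_SCN_* bits from winnt.h
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def decode_flags(value, table):
    """Names of the bits set in value, lowest bit first (the order reports use)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def file_hashes(data):
    """The four digests the report's General block lists."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def parse_pe(data):
    """Parse e_lfanew, IMAGE_FILE_HEADER and the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsect, _, _, _, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size      # section table follows the optional header
    sections = []
    for i in range(nsect):
        (name, vsize, _va, rawsize, _ptr, _rel, _ln, _nrel, _nln,
         schars) = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "flags": decode_flags(schars, SECTION_CHARACTERISTICS),
        })
    return {"machine": machine,
            "file_flags": decode_flags(chars, FILE_CHARACTERISTICS),
            "sections": sections}


def section_findings(pe):
    """Section-table red flags: W+X sections and code that exists only in memory."""
    findings = []
    for s in pe["sections"]:
        flags = set(s["flags"])
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= flags:
            findings.append(f"{s['name']}: writable and executable")
        if "IMAGE_SCN_MEM_EXECUTE" in flags and s["raw_size"] == 0 < s["virtual_size"]:
            findings.append(f"{s['name']}: executable but empty on disk (unpacker target)")
    return findings


def build_demo_pe():
    """Constructed headers-only PE32 mirroring the report's sections and flags."""
    sections = [   # name, virtual size, raw size, characteristics
        (b".text", 341 * 1024, 344 * 1024, 0x20 | 0x20000000 | 0x40000000),
        (b".rdata", 82 * 1024, 84 * 1024, 0x40 | 0x40000000),
        (b".data", 26 * 1024, 12 * 1024, 0x40 | 0x40000000 | 0x80000000),
        (b".rsrc", 14 * 1024, 16 * 1024, 0x40 | 0x40000000),
    ]
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)          # e_lfanew at 0x3C
    optional = struct.pack("<H", 0x10B) + b"\0" * 94          # PE32 magic, rest zeroed
    file_header = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0,
                              len(optional), 0x0001 | 0x0002 | 0x0100)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, ch)
                     for n, vs, rs, ch in sections)
    return dos + b"PE\0\0" + file_header + optional + table


if __name__ == "__main__":
    image = build_demo_pe()
    pe = parse_pe(image)
    print("sha256:", file_hashes(image)["sha256"])
    print("file:", " | ".join(pe["file_flags"]))
    for s in pe["sections"]:
        print(f"{s['name']:<8} raw={s['raw_size'] // 1024}KB "
              f"virt={s['virtual_size'] // 1024}KB  {' | '.join(s['flags'])}")
    print("findings:", section_findings(pe) or "none")
```

Run against a real file with `parse_pe(open(path, "rb").read())`; on this report's sections the findings list comes back empty, which is what a plain MSVC-built executable looks like, whereas a packed binary typically shows a W+X section with zero raw size.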