Static task: static1

Behavioral task: behavioral1
Sample: 48066530d95a11c6234d37c232954a2d1ba3053c0e86acd1b7eab85d9b074e60.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 48066530d95a11c6234d37c232954a2d1ba3053c0e86acd1b7eab85d9b074e60.exe
Resource: win10v2004-20220812-en

Target: 48066530d95a11c6234d37c232954a2d1ba3053c0e86acd1b7eab85d9b074e60
Size: 592KB
MD5: 6619cf2a74d94dc464db46ef01f0fc93
SHA1: 5c2ef88569af3f74ed24ee859712092fcc48aa96
SHA256: 48066530d95a11c6234d37c232954a2d1ba3053c0e86acd1b7eab85d9b074e60
SHA512: 088a50381dbb0fe5bc0a8763c89b1ead96513bb8c529c5f5ac16df89dcc25a73da34c6ff46d3c4e6d82445d67e87ad3a99f56513ce652df405432a40c42f4c4e
SSDEEP: 12288:+/9vk6uKvMdQxDYj5FaL6M/zqcgf0KyOCqYplYMQFyu:ImrhMucM03OfYbYMQFyu
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
WinVerifyTrust
EnumProcessModules
EnumProcesses
GetModuleBaseNameW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetCurrentDirectoryW
OutputDebugStringW
InterlockedIncrement
GetLocalTime
GetCurrentThreadId
ReleaseMutex
WaitForSingleObject
VirtualQuery
Sleep
InterlockedCompareExchange
MapViewOfFile
lstrcmpiW
TryEnterCriticalSection
GetLongPathNameW
OpenProcess
ProcessIdToSessionId
PostQueuedCompletionStatus
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcess
GetCurrentThread
InterlockedExchangeAdd
QueryPerformanceFrequency
SetEvent
WaitForMultipleObjects
CreateEventW
SetWaitableTimer
CreateWaitableTimerW
GetSystemInfo
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
ResetEvent
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
lstrlenW
DeviceIoControl
LoadLibraryExW
GetModuleHandleW
InterlockedExchange
GetQueuedCompletionStatus
CreateDirectoryW
TerminateThread
GetExitCodeThread
GetSystemDefaultLangID
EnumResourceLanguagesW
OpenFileMappingW
GetCommandLineW
CreateThread
GetEnvironmentVariableW
GetFileSizeEx
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
IsBadWritePtr
DeleteTimerQueueTimer
GlobalFree
GlobalAlloc
IsBadStringPtrW
IsBadReadPtr
CreateTimerQueueTimer
SetCurrentDirectoryW
SetProcessWorkingSetSize
SystemTimeToFileTime
GetVersionExA
LoadLibraryA
GetSystemDirectoryA
lstrlenA
GetShortPathNameA
Module32Next
Module32First
CreateToolhelp32Snapshot
FindFirstFileA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringW
CompareStringA
GetDateFormatA
GetTimeFormatA
ExitProcess
GetStringTypeW
GetModuleFileNameW
CreateMutexW
GetCurrentProcessId
RemoveDirectoryW
GetStringTypeA
FindNextFileW
SetFileAttributesW
MoveFileExW
CopyFileW
GetShortPathNameW
WritePrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStructA
GetPrivateProfileStringA
GetWindowsDirectoryA
CreateFileA
ReadFile
SetFilePointer
WriteFile
InterlockedDecrement
FindFirstFileW
FindClose
GetFileAttributesW
GetThreadLocale
GetLocaleInfoA
GetACP
MultiByteToWideChar
WideCharToMultiByte
LocalAlloc
LocalFree
EnterCriticalSection
GetSystemDirectoryW
LoadLibraryW
LeaveCriticalSection
GetProcAddress
FreeLibrary
GetVersionExW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
DeleteFileW
GetTempPathW
GetTempFileNameW
GetFileSize
CreateFileW
CloseHandle
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEndOfFile
SetLastError
VirtualFree
HeapCreate
SetEnvironmentVariableA
CreateIoCompletionPort
GetCPInfo
LCMapStringW
WriteConsoleA
GetLocaleInfoW
GetTimeZoneInformation
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
LCMapStringA
GetStartupInfoW
ExitThread
GetModuleHandleA
VirtualAlloc
VirtualProtect
RtlUnwind
GetFileType
SetHandleCount
GetOEMCP
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadStringW
PostThreadMessageW
GetMessageW
DispatchMessageW
CharUpperW
CharNextW
UnregisterClassA
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
wsprintfW
RegSetValueExA
EqualSid
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegEnumValueW
RegisterServiceCtrlHandlerW
RegQueryInfoKeyW
RegisterEventSourceW
ReportEventW
DeregisterEventSource
SetServiceStatus
StartServiceCtrlDispatcherW
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
RegEnumKeyExW
RegCreateKeyExW
RegNotifyChangeKeyValue
SetSecurityInfo
GetTokenInformation
GetAce
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner
CopySid
IsValidSid
GetLengthSid
OpenThreadToken
OpenProcessToken
GetSecurityDescriptorLength
MakeSelfRelativeSD
InitializeSecurityDescriptor
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeAbsoluteSD
GetSecurityDescriptorControl
GetAclInformation
InitializeAcl
AddAce
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
SHGetFolderPathW
CoDisconnectObject
CLSIDFromProgID
CoResumeClassObjects
CoInitializeSecurity
CoRegisterClassObject
CoUninitialize
CoInitializeEx
CoTaskMemRealloc
CoLoadLibrary
CoFreeLibrary
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoRevokeClassObject
CoImpersonateClient
CoRevertToSelf
CoGetClassObject
CoSuspendClassObjects
SysAllocStringLen
VarUI4FromStr
SysAllocString
SysFreeString
VariantClear
VariantInit
UnloadUserProfile
_ClosePerfMon@0
_CollectPerfMon@16
_OpenPerfMon@4
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ