Static task: static1
Behavioral task: behavioral1
Sample: 60b99fc8722c83d61c97a0432120d1428166aaa4e79d8748ffe6386685486a36.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 60b99fc8722c83d61c97a0432120d1428166aaa4e79d8748ffe6386685486a36.exe
Resource: win10v2004-20220901-en
General
Target: 60b99fc8722c83d61c97a0432120d1428166aaa4e79d8748ffe6386685486a36
Size: 386KB
MD5: 6aa73d84fd6a13afa7d53635919ec000
SHA1: 3a64ff1bba6a7e023e249f0c45297c4a7a80a4f1
SHA256: 60b99fc8722c83d61c97a0432120d1428166aaa4e79d8748ffe6386685486a36
SHA512: a1bd8f23b5309b24729141aef5dfb165c9a1ffae1c8f38777492918f98bbda502eedf7667972f7bdb8b8a23dc0bb5336f766033668e4517db9962c0480214fd3
SSDEEP: 12288:W3g8kL3QswQAAg+Y8fZSSWDr8lcB9QR2bH7:kgDL6NAg+dfMS48a9D
Malware Config
Signatures
Files
-
60b99fc8722c83d61c97a0432120d1428166aaa4e79d8748ffe6386685486a36.exe windows x64
25185e007525592ba38da570c42133e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetLocaleInfoW
LoadLibraryExW
LoadResource
FindResourceExW
GetSystemDefaultUILanguage
SearchPathW
CreateFileMappingA
CreateFileW
UnmapViewOfFile
MapViewOfFile
GetFileSize
GetPrivateProfileStringA
GetPrivateProfileIntW
GetPrivateProfileIntA
GetPrivateProfileStringW
GetFullPathNameA
GetFullPathNameW
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
LoadLibraryExA
LoadLibraryW
GetLocaleInfoA
GetTempPathA
GetTempFileNameA
FlushFileBuffers
GetSystemDirectoryA
CreateFileA
GetUserDefaultLCID
GetVersionExW
EnterCriticalSection
LeaveCriticalSection
CreateThread
CloseHandle
CreateEventA
SetEvent
DeleteCriticalSection
GetModuleFileNameA
GetModuleFileNameW
InitializeCriticalSection
FreeLibrary
lstrlenA
GetCPInfo
FindClose
FindFirstFileA
GetACP
GetFileAttributesW
GetFileAttributesA
FindFirstFileW
LocalFree
LocalAlloc
LoadLibraryA
GetProcAddress
FormatMessageW
FormatMessageA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlCaptureContext
SetLastError
CreateFileMappingW
GetUserDefaultUILanguage
GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
ExitProcess
GetLastError
GetStdHandle
lstrlenW
WriteConsoleW
GetConsoleMode
WideCharToMultiByte
GetVersionExA
WriteFile
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
msvcrt
memmove
memset
memcpy
_vsnprintf
_swab
_itow
wcsrchr
__C_specific_handler
free
mbtowc
__mb_cur_max
isleadbyte
bsearch
wcsncmp
_vsnwprintf
_wcsnicmp
_wcsicmp
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_iob
_snprintf
_itoa
wctomb
malloc
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
_errno
memcmp
oleaut32
CreateErrorInfo
SetErrorInfo
VariantClear
VariantCopy
VariantInit
SysAllocStringLen
LoadTypeLi
VariantChangeType
SafeArrayGetElement
SysFreeString
SysStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetUBound
LoadRegTypeLi
SafeArrayGetLBound
SafeArrayCopy
SysAllocString
ole32
CoInitialize
CoUninitialize
CoGetClassObject
CLSIDFromProgID
MkParseDisplayName
CLSIDFromString
CreateBindCtx
CoCreateInstance
CoRegisterMessageFilter
CoInitializeSecurity
CreateFileMoniker
version
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
advapi32
RegOpenKeyExW
RegCreateKeyExA
RegQueryValueExW
RegCreateKeyExW
ImpersonateLoggedOnUser
IsTextUnicode
ReportEventW
LookupAccountNameW
DeregisterEventSource
GetUserNameW
RegisterEventSourceW
RegOpenKeyExA
RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegSetValueExW
user32
MsgWaitForMultipleObjects
GetParent
SendMessageA
TranslateMessage
CreateWindowExA
KillTimer
DefWindowProcA
GetClassInfoA
SetWindowLongPtrA
PostMessageA
DispatchMessageA
IsWindowVisible
RegisterClassA
EnumThreadWindows
PostQuitMessage
GetWindowLongPtrA
SetTimer
GetClassNameA
GetMessageA
GetActiveWindow
CharNextA
LoadStringA
LoadStringW
PeekMessageA
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 236KB - Virtual size: 460KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ