Static task
static1
Behavioral task
behavioral1
Sample
46d8ea9ad9f6da03e6ca32e2139cbf869f4900bbca9f2185671b058352ab127f.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
46d8ea9ad9f6da03e6ca32e2139cbf869f4900bbca9f2185671b058352ab127f.exe
Resource
win10v2004-20220812-en
General
Target
46d8ea9ad9f6da03e6ca32e2139cbf869f4900bbca9f2185671b058352ab127f
Size
211KB
MD5
60c586360ca8a61a0cbfc47a7012d1e0
SHA1
1eb2394e850faf7e5b4eb36e8ea710347d8243b7
SHA256
46d8ea9ad9f6da03e6ca32e2139cbf869f4900bbca9f2185671b058352ab127f
SHA512
bf082be72767c8329a1c1feefbe01792a09763c3ce755a76f3a092569ff81b055f0070b4965534a4f47cd4919db8862ee6e62f3aa1626253c0ec2e8475e00e95
SSDEEP
3072:2VetpIZG6JWdCVlY4A5XCwDj/LgzJUy9quC6a+giwCiv/1qNdgA:rpIQWKCgHgzl9qga+giRi1qNd
Malware Config
Signatures
Files
46d8ea9ad9f6da03e6ca32e2139cbf869f4900bbca9f2185671b058352ab127f.exe windows x86
514e724831633fbd045c99d6385b8bdf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hccutils
LoadBITMAP
LoadSTRINGW
LoadICON
LoadIMAGE
FindResources
kernel32
CreateEventA
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
lstrlenA
lstrcmpiA
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
CreateMutexA
GetCurrentThreadId
GetCommandLineA
Sleep
GetConsoleCP
SetStdHandle
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetLastError
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStdHandle
WriteFile
HeapCreate
HeapReAlloc
VirtualFree
LCMapStringA
ExitProcess
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsAlloc
CloseHandle
GetVersionExA
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
FlushFileBuffers
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
TerminateProcess
EnterCriticalSection
UnhandledExceptionFilter
LeaveCriticalSection
HeapFree
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
GetProcessHeap
user32
GetCursorPos
GetWindowLongW
CharNextA
CharNextW
PostThreadMessageA
SetWindowLongW
FindWindowA
SendMessageW
RegisterWindowMessageA
IsWindow
CreateDialogParamW
ShowWindow
GetDC
GetSystemMetrics
ReleaseDC
PostQuitMessage
SetTimer
KillTimer
CreatePopupMenu
AppendMenuA
SetForegroundWindow
TrackPopupMenu
DestroyIcon
DestroyWindow
GetDlgItem
SendMessageA
GetDesktopWindow
GetWindowRect
SetWindowTextW
wsprintfW
RegisterClassA
CreateWindowExA
PostMessageA
GetMessageA
DispatchMessageA
DefWindowProcA
DestroyMenu
gdi32
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
DeleteObject
advapi32
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
Shell_NotifyIconW
ole32
CLSIDFromProgID
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoSuspendClassObjects
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
oleaut32
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantClear
shlwapi
StrStrIA
Sections
.text Size: 95KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 15KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 75KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE