Static task: static1
Behavioral task: behavioral1
Sample: c62f6f82660fbfad49c62c8f59ebdf83791a1f20ed4ebeb7a357a52fa5c1ddba.exe
Resource: win7-20220901-en
General
Target: c62f6f82660fbfad49c62c8f59ebdf83791a1f20ed4ebeb7a357a52fa5c1ddba
Size: 1.3MB
MD5: 011862408e3e3b33c4fb35210249d400
SHA1: d6702960fc236949a30341e13f86d052f942d4e0
SHA256: c62f6f82660fbfad49c62c8f59ebdf83791a1f20ed4ebeb7a357a52fa5c1ddba
SHA512: 8cabce1e247d77a6594ceb2782e556390657065d11a91d20afb32fc3183dbff53437c2d912480fc05021d97aa211da829f85c51bdd6fb17d431805ffec36b41d
SSDEEP: 24576:R7dY6GmoAMgo6JNl2WI28NSs4iTvew4TegZjV11ru:DYl/A/228NNp4TegZjV11ru
Malware Config
Signatures
Files
c62f6f82660fbfad49c62c8f59ebdf83791a1f20ed4ebeb7a357a52fa5c1ddba.exe windows x86
3b28478ca1458bc65f20be32b45ad1ef
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
GetTokenInformation
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
GetSidLengthRequired
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
LookupAccountSidW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
OpenProcessToken
CryptAcquireContextW
CryptSetKeyParam
CryptReleaseContext
CryptImportKey
CryptEncrypt
InitializeSecurityDescriptor
AddAccessAllowedAceEx
CryptDestroyKey
imm32
ImmDisableIME
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
psapi
GetModuleFileNameExW
wininet
HttpQueryInfoW
InternetSetOptionW
InternetCloseHandle
HttpEndRequestW
HttpOpenRequestA
HttpAddRequestHeadersW
InternetWriteFile
InternetReadFile
InternetCrackUrlA
InternetOpenUrlW
InternetSetCookieW
InternetOpenW
HttpSendRequestExW
InternetConnectA
kernel32
SetLastError
GlobalFree
LocalFree
CreateThread
WideCharToMultiByte
MultiByteToWideChar
SystemTimeToFileTime
CreateDirectoryW
WaitForSingleObject
CopyFileW
GetFileAttributesW
FileTimeToSystemTime
DeleteFileW
SetFileAttributesW
FindFirstFileW
FreeLibrary
GetLogicalDriveStringsW
GetTickCount
OpenProcess
GetSystemDirectoryW
Sleep
TerminateProcess
FindClose
QueryDosDeviceW
GetWindowsDirectoryW
LocalAlloc
GetFileSize
ReadFile
FlushFileBuffers
CreateMutexW
OpenMutexW
ReleaseMutex
FindResourceW
LoadResource
SizeofResource
LockResource
GetVersionExW
GetCurrentThread
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
UnhandledExceptionFilter
FileTimeToLocalFileTime
ResumeThread
GetSystemTimeAsFileTime
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
RaiseException
RtlUnwind
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
ExitThread
LCMapStringW
GetTimeZoneInformation
GetFullPathNameW
GetCurrentDirectoryA
LCMapStringA
GetConsoleCP
GetConsoleMode
DebugBreak
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetModuleHandleA
GetProcessHeap
GetDriveTypeA
GetFullPathNameA
SetEndOfFile
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedCompareExchange
VirtualProtect
FlushInstructionCache
SetThreadContext
GetThreadContext
SuspendThread
EnterCriticalSection
GetLastError
GetTempPathW
LeaveCriticalSection
GetCommandLineW
lstrcpyW
CloseHandle
GetCurrentThreadId
IsDebuggerPresent
lstrcatW
GetLocalTime
GetProcAddress
lstrlenW
CreateFileW
GetModuleFileNameW
FormatMessageW
LoadLibraryW
WriteFile
GetModuleHandleW
OutputDebugStringW
GetCurrentProcess
SetUnhandledExceptionFilter
CreateProcessW
VirtualQuery
SetFilePointer
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetExitCodeThread
InitializeCriticalSection
AreFileApisANSI
VirtualAlloc
FormatMessageA
UnlockFile
LockFile
GlobalAlloc
GetDriveTypeW
GetSystemInfo
GetSystemTime
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetFileAttributesExW
DeleteFileA
ExpandEnvironmentStringsW
GetFileAttributesA
GetTempPathA
UnlockFileEx
LockFileEx
user32
GetWindowThreadProcessId
MessageBoxW
DispatchMessageW
MoveWindow
DefWindowProcW
SetWindowTextW
EnableWindow
CloseWindow
ReleaseCapture
CreateWindowExW
IsWindow
ShowWindow
SetLayeredWindowAttributes
SetWindowPos
SetWindowLongW
GetWindowLongW
InvalidateRect
LoadIconW
RegisterClassExW
TranslateMessage
BeginPaint
LoadCursorW
SetForegroundWindow
GetKeyState
GetSystemMetrics
PostMessageW
UnregisterClassW
SetCapture
PostQuitMessage
GetMessageW
GetWindowRect
SetTimer
SetWindowRgn
SetCursor
DestroyWindow
EndPaint
ReleaseDC
OffsetRect
GetDC
SetFocus
GetClientRect
MonitorFromRect
GetMonitorInfoW
IntersectRect
wvsprintfW
SubtractRect
IsWindowVisible
FillRect
wsprintfW
DrawTextW
KillTimer
FindWindowW
EnumWindows
GetClassNameW
WindowFromPoint
GetForegroundWindow
SystemParametersInfoW
FindWindowExW
SendMessageW
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
shlwapi
PathFileExistsW
msimg32
TransparentBlt
AlphaBlend
gdi32
SelectClipRgn
CreateFontIndirectW
CreateDIBSection
GetTextExtentPoint32W
CombineRgn
SetTextColor
DeleteObject
SetBkMode
CreatePolygonRgn
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteDC
BitBlt
GetStockObject
CreateSolidBrush
GetObjectW
StretchBlt
GetPixel
CreateRectRgn
ole32
OleSetContainedObject
CoCreateGuid
OleInitialize
OleCreate
oleaut32
SysAllocString
SysFreeString
VariantClear
VariantInit
Sections
.text Size: 902KB - Virtual size: 902KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 68KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 105KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE