Static task: static1
Behavioral task: behavioral1
Sample: f6a4f67375c81cd0748065d62b85974a12cab13cf888e902e1b9c59e86781dfb.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: f6a4f67375c81cd0748065d62b85974a12cab13cf888e902e1b9c59e86781dfb.exe
Resource: win10v2004-20220812-en
General
Target: f6a4f67375c81cd0748065d62b85974a12cab13cf888e902e1b9c59e86781dfb
Size: 404KB
MD5: 615aba0b1c267c5f09797ce21f151e80
SHA1: b3e8900db418f73072b7c9b64cc5f70a29d6b171
SHA256: f6a4f67375c81cd0748065d62b85974a12cab13cf888e902e1b9c59e86781dfb
SHA512: a45b6339398a68a777bd0cad96b16f34901930bed8f882b4bc5d43e3461e02e7b4399b8e21ea7c47c1740de043140f4360a1b58a40a427202ed45e6f60f62ddf
SSDEEP: 12288:GmXFBKXrsLy5DmM+6Jc/vxrt5OEgFiOewSsPv:G1sLy5DHkxx5ngAOewSov
Malware Config
Signatures
Files
f6a4f67375c81cd0748065d62b85974a12cab13cf888e902e1b9c59e86781dfb.exe windows x86
0e0a8fd2d6147edb1c1b0ec22f914366
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpQueryInfoW
InternetSetOptionW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
kernel32
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
GetModuleFileNameW
lstrlenW
GetLastError
InitializeCriticalSection
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
WideCharToMultiByte
GetTickCount
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcess
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
FlushInstructionCache
DeleteCriticalSection
RaiseException
GetCurrentThreadId
SetLastError
WriteConsoleW
SetStdHandle
CreateFileA
SetEndOfFile
HeapSize
HeapReAlloc
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeW
GetCPInfo
LCMapStringW
GetSystemDefaultLCID
GetFileAttributesExW
CreateFileW
CloseHandle
TerminateThread
HeapAlloc
GetProcessHeap
GetVersionExW
GetProcAddress
InterlockedCompareExchange
HeapFree
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
Sleep
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
LCMapStringA
user32
UnregisterClassA
LoadStringW
DefWindowProcW
CreateDialogParamW
GetDlgItem
KillTimer
SetTimer
SetWindowTextW
EndDialog
GetParent
GetWindow
GetWindowRect
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
IsDialogMessageW
SendMessageW
DialogBoxParamW
PostQuitMessage
GetActiveWindow
GetSystemMetrics
LoadImageW
CharNextW
SetWindowLongW
ShowWindow
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
advapi32
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
ole32
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoTaskMemRealloc
CoUninitialize
oleaut32
VarUI4FromStr
comctl32
InitCommonControlsEx
Sections
.text Size: 272KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ