Static task: static1
Behavioral task: behavioral1
  Sample: 5491ce68f056d0aa9af85d05502841557745f1676d22589528297aee677e1722.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 5491ce68f056d0aa9af85d05502841557745f1676d22589528297aee677e1722.exe
  Resource: win10v2004-20220812-en
General
Target: 5491ce68f056d0aa9af85d05502841557745f1676d22589528297aee677e1722
Size: 206KB
MD5: 5b0f0105bcb7c6d53b04533c3270e606
SHA1: efe1a913c86442c9527359d4c4e649051c505381
SHA256: 5491ce68f056d0aa9af85d05502841557745f1676d22589528297aee677e1722
SHA512: 77ef1bb786979aa79140205de2de5c4fc87984f69ad7e65204e4cc60236b96696bf56b73f95699160390ed6a24ec74f255035800d4dc3881a365ced40f0a7b80
SSDEEP: 6144:3prFXqyTCwSzSyN6KTlJtSZ/tHMTw4S+EAqLY3W:LqCsSyoKTlTPS+Eu3W
Malware Config
Signatures
Files
5491ce68f056d0aa9af85d05502841557745f1676d22589528297aee677e1722.exe windows x86
9c2a2f685215b1ca7da80a980b3838e3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
SetThreadPriority
InterlockedExchange
SetUnhandledExceptionFilter
WaitForMultipleObjects
lstrcmpW
SetEvent
GetProfileIntA
lstrlenW
lstrcpynW
GetFileSize
GlobalLock
GetFileAttributesW
SetFilePointer
QueryPerformanceCounter
GlobalFree
CreateSemaphoreW
WriteFile
MulDiv
LoadLibraryW
GetDiskFreeSpaceW
DeleteCriticalSection
FreeLibrary
EnterCriticalSection
CreateThread
GetLastError
lstrcpyA
WideCharToMultiByte
MultiByteToWideChar
GetThreadPriority
lstrcmpiW
ReadFile
GetCurrentProcessId
ReleaseSemaphore
GetPrivateProfileStringW
CloseHandle
InitializeCriticalSection
SetEndOfFile
LeaveCriticalSection
GetCurrentProcess
GlobalAlloc
ResetEvent
GetFullPathNameW
CreateFileW
GetVersionExW
lstrlenA
HeapFree
VirtualFree
IsBadWritePtr
InterlockedDecrement
GetTickCount
GlobalUnlock
GetACP
GlobalMemoryStatus
HeapAlloc
GetCurrentThread
IsBadCodePtr
GetQueuedCompletionStatus
lstrcpyW
GlobalHandle
InterlockedIncrement
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetSystemInfo
CreateEventW
WaitForSingleObject
GetProcessHeap
IsBadReadPtr
user32
ShowWindow
DestroyWindow
SetDlgItemTextW
InvalidateRect
DispatchMessageW
CheckRadioButton
DefWindowProcW
GetDlgItemInt
SetCursor
CheckDlgButton
GetDesktopWindow
MoveWindow
SendMessageW
SetWindowLongW
IsWindow
GetDlgItem
EnableWindow
LoadStringW
CreateDialogParamW
IsRectEmpty
SetDlgItemInt
GetAsyncKeyState
GetDC
IsWindowVisible
GetClientRect
GetWindowLongW
ClientToScreen
TranslateMessage
LoadCursorW
ReleaseDC
GetWindowRect
PeekMessageW
netshell
DllGetClassObject
NcIsValidConnectionName
StartNCW
Sections
.text Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 6.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ