Static task: static1
Behavioral task: behavioral1
Sample: d5bdc1fb04dcf494b549d655d19824cbd5f65c6c1ac055dda08f83f34e059c10.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d5bdc1fb04dcf494b549d655d19824cbd5f65c6c1ac055dda08f83f34e059c10.exe
Resource: win10v2004-20220812-en
General
Target: d5bdc1fb04dcf494b549d655d19824cbd5f65c6c1ac055dda08f83f34e059c10
Size: 213KB
MD5: 061b374b5ada864cb950cf910be35c8d
SHA1: bd13d706a86818dbbd2bdacf56a41b2a56ccba91
SHA256: d5bdc1fb04dcf494b549d655d19824cbd5f65c6c1ac055dda08f83f34e059c10
SHA512: 90c377434d6c43b2a181d6fdc1bfe7ec74381fdcef3820414652f5e0d444f23a23e72db36727145b6c81c1995adc943866e48cfbbd6d3ce13993f7055b7db6da
SSDEEP: 6144:LVd/HGaSS/Lf3Zj7AmI3rnQsbzkQf12w6cwlCXH:pdvRHDvZj8mubVbgQJ4Q3
Malware Config
Signatures
Files
d5bdc1fb04dcf494b549d655d19824cbd5f65c6c1ac055dda08f83f34e059c10.exe windows x86
48733e844a99fb92808e10dc87ef8078
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
nddeapi
NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeIsValidAppTopicListW
NDdeIsValidShareNameA
NDdeGetTrustedShareW
NDdeGetShareSecurityA
NDdeGetErrorStringA
NDdeIsValidAppTopicListA
kernel32
CreateEventW
ReleaseSemaphore
WaitForMultipleObjects
GetThreadPriority
InitializeCriticalSection
SetFilePointer
PostQueuedCompletionStatus
ResetEvent
WaitForSingleObject
lstrcpyA
SetThreadPriority
GetQueuedCompletionStatus
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
InterlockedDecrement
InterlockedIncrement
GetSystemDefaultLangID
MultiByteToWideChar
GetFileSize
GlobalAlloc
LeaveCriticalSection
GlobalHandle
FreeLibrary
GetACP
SetUnhandledExceptionFilter
lstrcmpW
CreateSemaphoreW
ReadFile
WideCharToMultiByte
GetSystemInfo
GetLastError
lstrcpynW
IsBadWritePtr
GetProfileIntA
CreateIoCompletionPort
GetModuleFileNameA
GetProcessHeap
SetEvent
IsBadReadPtr
CreateFileW
QueryPerformanceCounter
lstrlenW
DeleteCriticalSection
EnterCriticalSection
GetDiskFreeSpaceW
IsBadCodePtr
VirtualFree
DeleteFileW
GetVersionExW
CloseHandle
GlobalFree
GetCurrentProcessId
GetCurrentThread
CreateThread
lstrlenA
GetFileAttributesW
lstrcmpiW
GlobalLock
HeapFree
GetFullPathNameW
InterlockedExchange
lstrcpyW
WriteFile
HeapAlloc
GetCurrentProcess
LoadLibraryW
GetPrivateProfileStringW
GetTimeZoneInformation
SetEndOfFile
OutputDebugStringW
MulDiv
GlobalMemoryStatus
GlobalUnlock
winmm
mixerGetLineControlsW
waveInStart
waveInAddBuffer
mixerGetControlDetailsW
waveInClose
waveInStop
waveInUnprepareHeader
waveInPrepareHeader
waveInGetDevCapsW
waveInReset
mixerGetID
mixerClose
waveInOpen
mixerSetControlDetails
mixerOpen
SendDriverMessage
mixerGetLineInfoW
OpenDriver
user32
TranslateMessage
SetCursor
GetWindowRect
IsRectEmpty
CheckDlgButton
GetDC
GetClientRect
IsWindow
EnableWindow
InvalidateRect
GetWindowLongW
DefWindowProcW
IsWindowVisible
DispatchMessageW
GetDlgItem
ShowWindow
SendMessageW
SetWindowLongW
SetDlgItemTextW
SetDlgItemInt
DestroyWindow
CheckRadioButton
GetAsyncKeyState
LoadStringW
ReleaseDC
CreateDialogParamW
ClientToScreen
GetDlgItemInt
PeekMessageW
MoveWindow
LoadCursorW
GetDesktopWindow
msvfw32
ICDecompress
ICClose
ICOpen
ICLocate
ICGetInfo
ICSendMessage
usp10
ScriptFreeCache
ScriptBreak
ScriptGetGlyphABCWidth
LpkPresent
ScriptApplyLogicalWidth
ScriptCacheGetHeight
ScriptCPtoX
ScriptGetFontProperties
ScriptGetCMap
ncobjapi
WmiEventSourceDisconnect
WmiCreateObjectWithProps
WmiSetAndCommitObject
WmiDestroyObject
WmiCreateObject
WmiAddObjectProp
WmiEventSourceConnect
WmiCreateObjectWithFormat
WmiCommitObject
WmiIsObjectActive
ole32
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
StringFromGUID2
userenv
UnloadUserProfile
WaitForMachinePolicyForegroundProcessing
RsopSetPolicySettingStatus
DeleteProfileA
UnregisterGPNotification
WaitForUserPolicyForegroundProcessing
gdi32
GetObjectW
SelectObject
PatBlt
GetTextExtentPoint32W
GetPaletteEntries
GetStockObject
Sections
.text Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 477KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 964B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ