Static task
static1
Behavioral task
behavioral1
Sample
1f818076712c85f82eec26d7810999f68ae74cabe9aea5963bf2677dbd0311d3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1f818076712c85f82eec26d7810999f68ae74cabe9aea5963bf2677dbd0311d3.exe
Resource
win10v2004-20220812-en
General
-
Target
1f818076712c85f82eec26d7810999f68ae74cabe9aea5963bf2677dbd0311d3
-
Size
292KB
-
MD5
5d9de7966f4e159180633b8a391b468d
-
SHA1
ea93825af69ccfbf55a9963848c9e79a862a47ee
-
SHA256
1f818076712c85f82eec26d7810999f68ae74cabe9aea5963bf2677dbd0311d3
-
SHA512
3929eb9996469a92606f4768e718eb099c9e9d90e7d5148fbed45fb72d32aedc1a13722a17725f411e4e63014e5af4e472360f5fe38f06477ea61e691562388a
-
SSDEEP
6144:7wwG141SCgGzefZf8WMXkYhIwvImyxVWZCAtVlKaPxu:swGS1YPfZf8WMUGvIm1ZCwVlZPxu
Malware Config
Signatures
Files
-
1f818076712c85f82eec26d7810999f68ae74cabe9aea5963bf2677dbd0311d3.exe windows x86
28ab3f34e07c15b8ee779c57758c116c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
shfolder
SHGetFolderPathA
pm60db
?RefreshPath@CMgr2@@QAEHPBD@Z
?CheckToSaveDB@CMgr2@@QAEXXZ
?StoreDoctoDB@CMgr2@@QAEHVCString@@PAV?$CList@U_iteminfo@@AAU1@@@@Z
?Load@CMgr2@@QAEHPBD@Z
??1CIDMgr@@UAE@XZ
??0CIDMgr@@QAE@VCString@@0@Z
?_oMgr2@@3VCMgr2@@A
?Save@CMgr2@@QAEHPBD@Z
?AllocID@CIDMgr@@QAEJXZ
mfc42
ord3830
ord2976
ord3081
ord2985
ord3831
ord4080
ord4622
ord4424
ord3825
ord561
ord3079
ord2514
ord3738
ord1134
ord641
ord656
ord665
ord2725
ord825
ord800
ord815
ord540
ord5265
ord4376
ord2621
ord4998
ord4710
ord537
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord4853
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord6052
ord3597
ord324
ord4234
ord354
ord2302
ord6199
ord3749
ord3262
ord2515
ord355
ord4160
ord1126
ord535
ord858
ord6283
ord6282
ord860
ord3873
ord823
ord2614
ord941
ord2915
ord924
ord3811
ord2820
ord551
ord3337
ord4129
ord1168
ord3507
ord3318
ord6385
ord5442
ord5773
ord1979
ord5186
ord940
ord2864
ord3136
ord2379
ord2763
ord5683
ord3790
ord3663
ord2841
ord5450
ord6394
ord6055
ord1776
ord5290
ord3402
ord3610
ord567
ord2107
ord5440
ord6383
ord1146
ord1871
ord5460
ord6571
ord879
ord882
ord2801
ord2740
ord602
ord2086
ord3567
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord755
ord470
ord4425
ord2818
ord1576
msvcrt
_adjust_fdiv
__p__commode
__setusermatherr
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
memset
_mkdir
toupper
_chdrive
memcpy
strstr
atof
strcpy
_itoa
strcat
atoi
memcmp
_splitpath
_chdir
sprintf
strcmp
_stricmp
rename
strrchr
__CxxFrameHandler
strlen
_initterm
_setmbcp
kernel32
lstrcpyA
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
SetErrorMode
WritePrivateProfileStringA
lstrcmpA
MoveFileA
GetLastError
GetTempPathA
GlobalAlloc
lstrcatA
lstrlenA
GetVersion
RemoveDirectoryA
FindClose
FindNextFileA
SetFileAttributesA
DeleteFileA
FindFirstFileA
CopyFileA
CreateDirectoryA
OpenFile
_lclose
_lread
_llseek
_lopen
GetPrivateProfileStringA
GetShortPathNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
GetCurrentDirectoryA
GlobalFree
GetPrivateProfileIntA
GlobalLock
GlobalUnlock
user32
SendMessageA
ShowWindow
GetClassNameA
EnumWindows
GetWindowTextA
GetDlgItem
GetClientRect
wsprintfA
LoadIconA
MessageBoxA
GetFocus
GetSystemMetrics
IsIconic
DrawIcon
EnableWindow
FindWindowA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
Sections
.text Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
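.text Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: this is a second section named .text, separate from the 80KB .text section listed first. Unlike that one, it is flagged as both writable and executable. A standard linker layout typically has a single, non-writable code section, so this section is worth inspecting during triage.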