Static task
static1
Behavioral task
behavioral1
Sample
645c2f0b449e0a377495aac94e814c3f63c5a2b7e3d8e8d29f3727c533ed763b.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
645c2f0b449e0a377495aac94e814c3f63c5a2b7e3d8e8d29f3727c533ed763b.exe
Resource
win10v2004-20220901-en
General
Target
645c2f0b449e0a377495aac94e814c3f63c5a2b7e3d8e8d29f3727c533ed763b
Size
688KB
MD5
330714f2b46d9e145d33102b6d57b88f
SHA1
5f734342c249e03a095cb795d7bb66a6dac79768
SHA256
645c2f0b449e0a377495aac94e814c3f63c5a2b7e3d8e8d29f3727c533ed763b
SHA512
0112bb3a88b93ba1137af2ee337e8f9419ab8ae064184e164f5d9dc006934f34f2bf746c0a14632a2380f18064e22c01493c3a4db27471d10eeaafe70191fc32
SSDEEP
12288:G2e6etPKpE7XnVzQIRXJOd7zlEVNo3JtoTtSIr7ou2kJ7rqRr3xLFqCf:G2e6OKpeFVDOd7syZWJSIrj2kdrqRr3V
Malware Config
Signatures
Files
645c2f0b449e0a377495aac94e814c3f63c5a2b7e3d8e8d29f3727c533ed763b.exe windows x86
dca0d266b7d8574e9ad689f765375b76
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFilePointer
CompareStringA
GetTimeZoneInformation
ReadFile
GetTickCount
CompareStringW
EnterCriticalSection
GetCommandLineA
TerminateProcess
FreeEnvironmentStringsW
LCMapStringW
RaiseException
HeapCreate
WriteFile
InitializeCriticalSection
TlsSetValue
GetModuleHandleA
HeapFree
GetStringTypeW
QueryPerformanceCounter
MultiByteToWideChar
DeleteCriticalSection
GetACP
GetVersion
InterlockedExchange
GetCurrentProcessId
GetCurrentProcess
GetStringTypeA
GetCPInfo
LCMapStringA
HeapReAlloc
VirtualQuery
LeaveCriticalSection
SetHandleCount
VirtualAlloc
ExitProcess
FlushFileBuffers
SetUnhandledExceptionFilter
TlsAlloc
UnhandledExceptionFilter
GetEnvironmentStringsW
HeapDestroy
FreeEnvironmentStringsA
SetStdHandle
GetCurrentThreadId
RtlUnwind
SetLastError
TlsGetValue
HeapAlloc
LoadLibraryA
GetSystemTime
GetEnvironmentStrings
InterlockedDecrement
WideCharToMultiByte
GetSystemTimeAsFileTime
IsBadCodePtr
GetStartupInfoA
GetLastError
SetEnvironmentVariableA
GetFileType
GetModuleFileNameA
CloseHandle
GetOEMCP
VirtualFree
GetStdHandle
InterlockedIncrement
GetLocalTime
CreateMutexA
GetProcAddress
oleaut32
LoadTypeLi
wininet
InternetWriteFile
HttpQueryInfoA
InternetCanonicalizeUrlA
InternetSetFilePointer
InternetOpenUrlA
FtpCreateDirectoryA
InternetCrackUrlA
InternetSetStatusCallback
InternetQueryOptionA
HttpOpenRequestA
InternetGetConnectedState
InternetConnectA
InternetReadFile
InternetOpenA
InternetGetLastResponseInfoA
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestA
InternetQueryDataAvailable
gdi32
MaskBlt
Rectangle
StartDocA
CreateBitmapIndirect
AbortDoc
UpdateColors
DeleteMetaFile
ExcludeClipRect
CreatePen
StretchDIBits
CreateEllipticRgn
LPtoDP
GetTextMetricsA
SetBkMode
RectInRegion
RoundRect
GetStockObject
GetRegionData
SetBkColor
Ellipse
ResizePalette
DeleteDC
SelectObject
GetPixel
SetTextJustification
PolyPolyline
SetWindowExtEx
SetPixel
CreateRectRgnIndirect
Chord
SetTextAlign
SetMapMode
PatBlt
GetArcDirection
GetOutlineTextMetricsA
user32
LoadIconA
ShowWindow
LoadCursorA
MessageBoxA
DestroyWindow
DefWindowProcA
RegisterClassA
CreateWindowExA
RegisterClassExA
LoadStringA
advapi32
RegEnumValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
OpenServiceA
CryptCreateHash
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
CloseServiceHandle
RegCloseKey
RegDeleteValueA
CryptAcquireContextA
OpenSCManagerA
RegCreateKeyExA
CryptReleaseContext
RegQueryInfoKeyA
CryptDestroyHash
GetUserNameA
RegDeleteKeyA
RegQueryValueExA
CryptHashData
InitializeSecurityDescriptor
SetFileSecurityA
RegSetValueA
RegEnumKeyA
Sections
.text Size: 72KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 464KB - Virtual size: 462KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ