Static task: static1
Behavioral task: behavioral1
Sample: f448d014f022e67616046b9a78190627be6103eaf919ce331785b186b15a894b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: f448d014f022e67616046b9a78190627be6103eaf919ce331785b186b15a894b.exe
Resource: win10v2004-20220812-en
General
Target: f448d014f022e67616046b9a78190627be6103eaf919ce331785b186b15a894b
Size: 267KB
MD5: 6a80811f2eca625eccb10b9784840846
SHA1: 545a84093b2268f4e8083e75b3fe43301c7cb376
SHA256: f448d014f022e67616046b9a78190627be6103eaf919ce331785b186b15a894b
SHA512: f1183b4acd5f8c51cf7273a8848025cd321ff7f2302e2814a24a0e0f988b76f3e4b60e2d9ed8dbe5dfcfc1f139377d035d9af277346a31627a3ea0d1f38e961b
SSDEEP: 3072:wLo7KenXhoI/rp4v+Cvom2Fgb8oesB7O7VB:y85ykpHF1oLC5
Malware Config
Signatures
Files
-
f448d014f022e67616046b9a78190627be6103eaf919ce331785b186b15a894b.exe windows x86
98db2aec13e9df8340c8838735e38c0c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryA
lstrcmpA
GetStartupInfoA
GetThreadLocale
SetLastError
GetVersion
GetCommandLineW
GlobalFindAtomA
GetCurrentProcessId
Sleep
GetTickCount
GetCommandLineA
IsDebuggerPresent
lstrcmpiW
lstrlenA
GetLastError
lstrcmpiA
DeleteFileW
GlobalFindAtomW
GetUserDefaultLangID
GetModuleHandleA
LoadLibraryW
GetCurrentProcess
QueryPerformanceCounter
GetACP
DeleteFileA
CopyFileA
GetDriveTypeA
GetCurrentThread
GetConsoleOutputCP
GetProcessHeap
GetWindowsDirectoryA
MulDiv
GetOEMCP
VirtualAlloc
SetCurrentDirectoryA
GetModuleHandleW
lstrlenW
GetCurrentThreadId
user32
GetDC
GetDesktopWindow
CharNextA
GetSystemMetrics
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE