Static task
static1
Behavioral task
behavioral1
Sample
24a6f9174a603332baf2d4b7e61d048ae8ae06a3fe36da49e0e956af2bafdbe7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
24a6f9174a603332baf2d4b7e61d048ae8ae06a3fe36da49e0e956af2bafdbe7.exe
Resource
win10v2004-20220812-en
General
-
Target
24a6f9174a603332baf2d4b7e61d048ae8ae06a3fe36da49e0e956af2bafdbe7
-
Size
801KB
-
MD5
5c9d81e67870f86b7d9fab4ca40b5240
-
SHA1
51c9187393a4d448c873760f629f220abf2018ef
-
SHA256
24a6f9174a603332baf2d4b7e61d048ae8ae06a3fe36da49e0e956af2bafdbe7
-
SHA512
974423c5378f65dcba4e210ada6cf2be801e788adcf5cc28a8f6a398cedcefb5765ba2af36610c7ef90d9237234212e490231f84e88a76c5a41a56bc67195ca5
-
SSDEEP
24576:YO8O2HR6+GQ3IwffORgjCafiv9IQcuqn2kI:YM2xBn+RgGaqv9IVDnV
Malware Config
Signatures
Files
-
24a6f9174a603332baf2d4b7e61d048ae8ae06a3fe36da49e0e956af2bafdbe7.exe windows x86
9e7bb1a002b4a64edcbcb4c652dd1599
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetCurrentThread
CreateEventW
CreateEventW
GetPrivateProfileSectionA
HeapFree
TlsGetValue
GetProcessHeap
GetProcessVersion
LoadLibraryW
ResumeThread
SuspendThread
CreateEventW
GetStringTypeW
GetVolumePathNameA
SetLastError
lstrlenA
FindAtomA
VirtualProtect
DeleteFileA
GetPrivateProfileIntW
GetDriveTypeA
clbcatq
SetupOpen
CheckMemoryGates
CheckMemoryGates
DllGetClassObject
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
ComPlusMigrate
CheckMemoryGates
CheckMemoryGates
SetupOpen
SetupOpen
CheckMemoryGates
d3dramp
RampOldTri
g_RampOld_BeadTbl
RampOldTri
g_RampOld_BeadTbl
Sections
.text Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 11KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 795KB - Virtual size: 795KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.orpc Size: 512B - Virtual size: 455B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE