Static task: static1
Behavioral task: behavioral1
Sample: 5f4ea330955983e4c5c258c6eb9799bcec24c077a175d4ebbb40513ad994a40d.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5f4ea330955983e4c5c258c6eb9799bcec24c077a175d4ebbb40513ad994a40d.exe
Resource: win10v2004-20220812-en
General
Target: 5f4ea330955983e4c5c258c6eb9799bcec24c077a175d4ebbb40513ad994a40d
Size: 211KB
MD5: 60cce8b7385073dbca007c7a61668a90
SHA1: 1d44f4e92088bdaa0028a4886ce3c4262c14a771
SHA256: 5f4ea330955983e4c5c258c6eb9799bcec24c077a175d4ebbb40513ad994a40d
SHA512: 9038046980c11278d4c927a5af4280730d17f2bea35f66816a1cc69782a5d4ede335209ab88f2d0adab40926f37ff28cd5b90f293650952a57a745b40cb4f58c
SSDEEP: 3072:YUtvMiHW4xJbFcF/Hkzk4jtq5JnZSx2vgufD/slt1kt+4+sNWZmLIXWJPMIDX:1R24xJb6/EvBKn0x2vg8kt1Y+TsNMWX
Files
5f4ea330955983e4c5c258c6eb9799bcec24c077a175d4ebbb40513ad994a40d.exe windows x86
2da55d1e111a37c2e25bc408df85285d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    SetUnhandledExceptionFilter
    lstrcmpA
    WideCharToMultiByte
    CloseHandle
    LoadLibraryW
    MultiByteToWideChar
    SetLastError
    GetTickCount
    FindResourceA
    lstrcpyA
    GetModuleHandleW
    GetProcessHeap
    QueryDosDeviceA
    GetCurrentProcess
    GetLocalTime
    CreateFileA
    GetVolumeInformationA
    GetSystemTimeAsFileTime
    DeviceIoControl
    FreeResource
    lstrlenA
    GetEnvironmentStringsA
    HeapFree
    QueryPerformanceCounter
    GetCurrentProcessId
    HeapAlloc
    SystemTimeToFileTime
    LockResource
    LoadResource
osuninst
    ProvideUiAlerts
    GetUninstallImageSize
    IsUninstallImageValid
    RemoveUninstallImage
advapi32
    RegQueryValueExA
    RegOpenKeyW
    RegOpenKeyExA
    RegCloseKey
    RegQueryValueExW
pautoenr
    CertAutoEnrollment
    CertAutoRemove
pdh
    PdhAddCounterA
    PdhAddCounterW
    PdhAdd009CounterA
    PdhBindInputDataSourceW
    PdhBindInputDataSourceA
    PdhBrowseCountersA
user32
    CharNextA
    wsprintfA
Sections
.text Size: 90KB - Virtual size: 90KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 77KB - Virtual size: 76KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 6.1MB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 996B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_DISCARDABLE
    IMAGE_SCN_MEM_READ