Static task: static1
Behavioral task: behavioral1
Sample: 5c581aa12c3ae0da606be8470e1ca8f03f49297e3046fac54e8881af26973cfb.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 5c581aa12c3ae0da606be8470e1ca8f03f49297e3046fac54e8881af26973cfb.exe
Resource: win10v2004-20220812-en
General
Target: 5c581aa12c3ae0da606be8470e1ca8f03f49297e3046fac54e8881af26973cfb
Size: 313KB
MD5: 6a5736b058cdfecc3d18a4235eebd4a0
SHA1: d1a5bb7a9400b46bab5a29b98a7ebe2e3451c6c8
SHA256: 5c581aa12c3ae0da606be8470e1ca8f03f49297e3046fac54e8881af26973cfb
SHA512: edd5c2d634b482f7803392097fc09140971e4fa43fc6edd9b10e52c2f2e0fff3ec33c4576f2fe77cbbc18f87e65724324749a3f81659177ba9d25877a5dbce01
SSDEEP: 6144:JGk/IDniUh8ybb4PHw6uPv6I4GkXa3zEXC6AjMBb8mJ88B6q91uD:g/b8qEY6Oh4GkXa3zFMPjMEuD
Malware Config
Signatures
Files
5c581aa12c3ae0da606be8470e1ca8f03f49297e3046fac54e8881af26973cfb.exe windows x86
50ba80c852b2c0ae0e23cca8a56a6b60
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
olecli32
BmCopy
GenClone
OleDraw
ErrReconnect
OleCreateLinkFromClip
OleSetHostNames
OleRename
LeQueryBounds
OleRelease
GenCopy
OleClone
GenEnumFormat
LeShow
ObjRename
ObjQuerySize
OleQueryProtocol
OleEnumObjects
DefCreateLinkFromFile
PbGetData
GenEqual
OleCreateFromTemplate
OleSetTargetDevice
DibQueryBounds
ErrShow
OleDelete
PbCreateInvisible
DocWndProc
OleExecute
LeReconnect
MfQueryBounds
ole32
HENHMETAFILE_UserSize
CreateOleAdviseHolder
HMETAFILEPICT_UserFree
CoMarshalInterface
PropVariantCopy
SetErrorInfo
OleCreateFromData
CoGetInterfaceAndReleaseStream
CoReactivateObject
GetHookInterface
HDC_UserMarshal
MonikerRelativePathTo
GetConvertStg
WriteOleStg
HACCEL_UserMarshal
MonikerCommonPrefixWith
WriteStringStream
CreateClassMoniker
CreateDataCache
ReadClassStg
OleDuplicateData
CoSetProxyBlanket
OleCreateLinkEx
GetClassFile
CoFreeAllLibraries
SNB_UserSize
CreateDataAdviseHolder
CreateItemMoniker
kernel32
GetFileTime
QueryPerformanceCounter
WriteProfileStringA
MoveFileExA
GetCurrentConsoleFont
GlobalGetAtomNameW
GetCurrentThread
CreateEventA
SetEndOfFile
GetModuleHandleW
TransactNamedPipe
GetEnvironmentStrings
GetUserDefaultLCID
lstrcatA
FatalAppExitW
LoadLibraryW
GetLocaleInfoW
IsBadStringPtrW
msvfw32
DrawDibTime
ICClose
ICOpen
DrawDibEnd
MCIWndCreateW
GetOpenFileNamePreviewW
DrawDibGetPalette
MCIWndCreate
DrawDibStop
ICSendMessage
ICCompressorChoose
ICSeqCompressFrameEnd
ICSeqCompressFrame
ICInstall
ICRemove
ICOpenFunction
DrawDibDraw
VideoForWindowsVersion
GetOpenFileNamePreviewA
ICLocate
ICDecompress
DrawDibSetPalette
ICImageCompress
DrawDibBegin
ICInfo
DrawDibRealize
MCIWndRegisterClass
DrawDibProfileDisplay
shell32
RealShellExecuteW
SHGetNewLinkInfoA
SHFormatDrive
DllInstall
SHGetFolderPathAndSubDirA
SHGetFolderLocation
StrNCmpIW
DragQueryFileA
SHEmptyRecycleBinA
InternalExtractIconListA
ShellExecuteExW
SHGetIconOverlayIndexA
SHFileOperationA
shlwapi
SHQueryInfoKeyW
PathUnquoteSpacesA
PathIsNetworkPathW
SHRegDeleteUSValueA
PathGetArgsW
PathRemoveFileSpecA
SHRegSetPathA
PathFindOnPathA
SHDeleteEmptyKeyW
SHRegWriteUSValueA
PathCombineA
PathRemoveBackslashA
PathGetDriveNumberA
SHRegDeleteEmptyUSKeyW
StrChrIW
ColorAdjustLuma
PathSetDlgItemPathW
UrlGetLocationW
Sections
.text Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ