Static task
static1
Behavioral task
behavioral1
Sample
c0392a83b05ceab5cd67bd374fbfa7fcc6570407244ecf69d061f84efbc7fde1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c0392a83b05ceab5cd67bd374fbfa7fcc6570407244ecf69d061f84efbc7fde1.exe
Resource
win10v2004-20220812-en
General
Target
c0392a83b05ceab5cd67bd374fbfa7fcc6570407244ecf69d061f84efbc7fde1
Size
76KB
MD5
19290f18c9bd11f7005fc1843da1f1bb
SHA1
0a7c7664f5de37803c347d2290082d724c34dd29
SHA256
c0392a83b05ceab5cd67bd374fbfa7fcc6570407244ecf69d061f84efbc7fde1
SHA512
f08262e60ad4054bc34e6ea0f5a7e59e8cc0b060e809e99dff2226d55d6598e3e192a78db5a19ebb077d39ac74264daaa514046c52c41fa59dcc7ff7de19f276
SSDEEP
1536:J79rEE5yQWLqSM6rQMIncf7lvigWqpEVlKYWHKpJOPdQ:J79rEEyTFlM1FRlKYWHKpJOl
Malware Config
Signatures
Files
c0392a83b05ceab5cd67bd374fbfa7fcc6570407244ecf69d061f84efbc7fde1.exe windows x86
900f0c8795854b10cdc71461cd63bebe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
EqualSid
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyA
FreeSid
RegCloseKey
AllocateAndInitializeSid
GetTokenInformation
RegCreateKeyA
RegEnumValueA
kernel32
lstrcmpiA
FreeLibrary
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
GetModuleFileNameA
lstrcpyA
GetVersionExA
MultiByteToWideChar
WritePrivateProfileStringA
IsDBCSLeadByte
GetLastError
CreateDirectoryA
lstrlenA
ExpandEnvironmentStringsA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
CloseHandle
CreateFileA
lstrcpynA
lstrcmpA
lstrcatA
GetPrivateProfileStringA
CopyFileA
CreateDirectoryExA
GetCurrentProcess
GlobalFree
GlobalAlloc
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindNextFileA
WriteFile
SetFilePointer
ReadFile
FindFirstFileA
GetWindowsDirectoryA
GetModuleHandleA
GetLocalTime
SetEndOfFile
GetFileSize
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetEnvironmentVariableA
user32
MessageBoxA
wsprintfA
LoadStringA
ExitWindowsEx
CharPrevA
CharNextA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ole32
CoCreateInstance
CoInitialize
CoUninitialize
Sections
.text Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ