Static task: static1
Behavioral task: behavioral1
Sample: e784d0c3f47b1ea5f0167354c048ad4d52355734f02c4ce41bd0fbb366324120.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e784d0c3f47b1ea5f0167354c048ad4d52355734f02c4ce41bd0fbb366324120.exe
Resource: win10v2004-20220901-en
General
Target: e784d0c3f47b1ea5f0167354c048ad4d52355734f02c4ce41bd0fbb366324120
Size: 152KB
MD5: 4d67e3f27bcbf380bdde82a498631999
SHA1: 91e649b712213811a58e4ee6d7660e805a2592cd
SHA256: e784d0c3f47b1ea5f0167354c048ad4d52355734f02c4ce41bd0fbb366324120
SHA512: 48642a801943034b392d8a5a5e03db8e5017ca7b2a9f241b873384a03051009240659afcd27f8f8056164fcc1f9d9709578bd03506ff9b198fd7acb373cb321a
SSDEEP: 3072:HGIf0N/2RBw/O9XJ4bZcegWVt1jnU9HmA3rX6UVxI2:HxfxBTKbnVt1jnSmA3rX60S2
Malware Config
Signatures
Files
e784d0c3f47b1ea5f0167354c048ad4d52355734f02c4ce41bd0fbb366324120.exe windows x86
c568687b6231063fb3386adfea0299f0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
CreateFileA
GetTimeFormatA
GetDateFormatA
lstrcmpiA
IsDBCSLeadByte
LocalFree
FormatMessageA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
LocalAlloc
DeleteFileA
CopyFileA
MulDiv
CreateMutexA
SetLastError
FindNextFileA
FindFirstFileA
FindClose
CreateDirectoryA
GetExitCodeProcess
WaitForSingleObject
OutputDebugStringA
GetTempPathA
GetModuleFileNameA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
MultiByteToWideChar
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCPInfo
VirtualQuery
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
WriteFile
lstrcmpA
ExpandEnvironmentStringsA
GlobalAlloc
GlobalFree
Sleep
SetEvent
GetLogicalDriveStringsA
GetDiskFreeSpaceA
GetVolumeInformationA
GetDriveTypeA
GlobalMemoryStatus
CreateEventA
GetLastError
OpenEventA
DebugBreak
GetSystemDirectoryA
CreateProcessA
CloseHandle
lstrcpyA
lstrcatA
GetFileAttributesA
lstrlenA
GetVersionExA
GetPrivateProfileStringA
HeapSize
FlushFileBuffers
InterlockedExchange
LCMapStringW
RaiseException
ExitProcess
RtlUnwind
HeapFree
user32
EnumWindows
GetLastActivePopup
BringWindowToTop
IsIconic
CharNextA
ExitWindowsEx
ReleaseDC
GetClassNameA
IsWindow
IsWindowVisible
GetClientRect
wvsprintfA
MessageBoxA
UnregisterClassA
DestroyWindow
ShowWindow
InvalidateRect
UpdateWindow
SetForegroundWindow
CreateWindowExA
SetWindowLongA
LoadCursorA
RegisterClassA
GetSystemMetrics
GetWindowLongA
BeginPaint
GetWindowRect
GetSysColor
SetWindowPos
EndPaint
DefWindowProcA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
wsprintfA
LoadStringA
DialogBoxParamA
EndDialog
SendDlgItemMessageA
GetDC
gdi32
CreateFontIndirectA
DPtoLP
GetTextExtentExPointA
SelectObject
SetBkMode
SetTextColor
GetTextExtentPoint32A
TextOutA
GetDeviceCaps
advapi32
RegDeleteKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
OpenSCManagerA
CloseServiceHandle
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegCloseKey
RegDeleteValueA
Sections
.text Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE