Static task
static1
Behavioral task
behavioral1
Sample
7f1c0d31e3c60bd6014cbc4583e7e12954562f833f00678cd53a66ff3f735528.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7f1c0d31e3c60bd6014cbc4583e7e12954562f833f00678cd53a66ff3f735528.exe
Resource
win10v2004-20220901-en
General
-
Target
7f1c0d31e3c60bd6014cbc4583e7e12954562f833f00678cd53a66ff3f735528
-
Size
297KB
-
MD5
62239577971f65cc65b485edf9944181
-
SHA1
d9a9388784c9ca782ec7e61fe2896d9e3112811b
-
SHA256
7f1c0d31e3c60bd6014cbc4583e7e12954562f833f00678cd53a66ff3f735528
-
SHA512
82cf499eac4fdc8c49218d5ce8a4605afd6df5c1a67974ad6be687f7c5b297f0118dc4fa4c2d82dd64c0accc20c4e2e1d5e4c714baf1a3ddae5a02e67177ac91
-
SSDEEP
6144:eMAgyV0TizjFjuEhhv46XwcoEom8OAURvY9/H:eMT+zJzvRA/E0UJwv
Malware Config
Signatures
Files
-
7f1c0d31e3c60bd6014cbc4583e7e12954562f833f00678cd53a66ff3f735528.exe windows x86
ad1ea1702e65c94c4a5f8129fb125134
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
ReadConsoleA
ReadConsoleA
AddAtomA
Sleep
LoadLibraryW
FindVolumeClose
GetCommandLineA
SetEvent
GetStringTypeW
VirtualProtect
lstrlenW
GetFileAttributesA
DeleteAtom
GetStartupInfoA
HeapDestroy
ReadConsoleA
HeapSize
GetLogicalDrives
GetDriveTypeW
GetPrivateProfileSectionW
CopyFileA
dsprop
MsgBox
FindSheet
ErrMsg
MsgBox
ReportError
ReportError
CheckADsError
ErrMsg
CheckADsError
ErrMsg
FindSheet
MsgBox
FindSheet
mmcndmgr
CreateExecutivePlatform
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
Sections
.text Size: 1024B - Virtual size: 803B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 8KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 312B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 67B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE