Static task
static1
Behavioral task
behavioral1
Sample
4d6eb2eb847fdc432bfebeac23f61190a93bd94a65f67a3807ec6521db5b77c8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4d6eb2eb847fdc432bfebeac23f61190a93bd94a65f67a3807ec6521db5b77c8.exe
Resource
win10v2004-20220812-en
General
-
Target
4d6eb2eb847fdc432bfebeac23f61190a93bd94a65f67a3807ec6521db5b77c8
-
Size
772KB
-
MD5
10f6482f1c47c99b568a4184cda310d2
-
SHA1
1a957ba706794558a64cb1cb72f7796cbd665dc3
-
SHA256
4d6eb2eb847fdc432bfebeac23f61190a93bd94a65f67a3807ec6521db5b77c8
-
SHA512
f44e2c116c82766aaef97b81cf94e039f26738c13d218256e0fe0d298099962a5c47923113c77aaf4adb251590aa056c2ce4d1728b85e2f61f026e8234875690
-
SSDEEP
12288:ITue3GaGQmNi1IA0OxoCJc4wokR2RngBkk7GKdixlrkoRZnKy7NrV1kDwFMGib60:Qd3gNiSA0Qon4VjnER9dig0Z55aG9
Malware Config
Signatures
Files
-
4d6eb2eb847fdc432bfebeac23f61190a93bd94a65f67a3807ec6521db5b77c8.exe windows x86
6378622ce31f5fa003fedcc4e427bdb0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
WriteConsoleW
WriteConsoleW
HeapDestroy
DisconnectNamedPipe
DeleteFileA
CopyFileA
CreatePipe
GetPriorityClass
GetCurrentDirectoryA
GetProcessHeap
GetModuleHandleA
SetEvent
GetCommandLineA
WriteConsoleW
GetStdHandle
VirtualProtect
ResumeThread
GetFileAttributesW
lstrcpyA
lstrlenW
GetStartupInfoA
mmcndmgr
DllUnregisterServer
DllRegisterServer
DllRegisterServer
DllUnregisterServer
shell32
ExtractIconA
DragAcceptFiles
DuplicateIcon
ShellMessageBoxA
StrChrA
DragQueryFileA
ShellAboutA
SHFree
DragFinish
DllUnregisterServer
SHGetMalloc
SHGetDiskFreeSpaceA
SHGetSettings
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
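.rsrc Size: 765KB - Virtual size: 2.1MB
(Note: .rsrc accounts for nearly all of the 772KB file, while .text holds only 3KB of code. This layout is consistent with a small loader stub carrying a packed or embedded payload in its resources, so the import list above may describe only the stub, not the code that eventually runs; confirm against the behavioral tasks.)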
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 177B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.impdata Size: 512B - Virtual size: 195B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE