Static task
static1
Behavioral task
behavioral1
Sample
360c5d08d6392d021bf58637c705c3cf013b53289db76b3e12753ce662067dbd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
360c5d08d6392d021bf58637c705c3cf013b53289db76b3e12753ce662067dbd.exe
Resource
win10v2004-20220812-en
General
Target: 360c5d08d6392d021bf58637c705c3cf013b53289db76b3e12753ce662067dbd
Size: 72KB
MD5: 6a682d78d8412eec431a85279a84e580
SHA1: a0347ed4786544b04ecc9644fd5c31177de92dd4
SHA256: 360c5d08d6392d021bf58637c705c3cf013b53289db76b3e12753ce662067dbd
SHA512: a69d534b3affb4d4240af3872495a9962aa82be75d41b876d5a4c94fef0518e060cff468cc035084b3833e8c2b167afe76d57b41a2f3f77d2986daf01c430076
SSDEEP: 1536:VlYqFluuh+wA6SE00rfDCu5IoZSAzcwf3MveTdXMLk:TF3h+wT/Hr55IoZSAzcwf3MvwdXM
Malware Config
Signatures
Files
360c5d08d6392d021bf58637c705c3cf013b53289db76b3e12753ce662067dbd.exe windows x86
39ca950ca9c0bbcb0132469af66eeef2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
GetTokenInformation
IsWellKnownSid
OpenProcessToken
RegisterEventSourceA
ReportEventA
setupapi
SetupRenameErrorA
SetupUninstallOEMInfA
kernel32
CloseHandle
CompareStringA
CompareStringW
CreateEventA
CreateMutexA
CreatePipe
DefineDosDeviceA
DeleteCriticalSection
DeleteVolumeMountPointA
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstVolumeA
FindFirstVolumeW
FindNextVolumeA
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDrives
GetOEMCP
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetThreadTimes
GetTimeZoneInformation
GetUserDefaultLCID
GetVolumeInformationA
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LocalFree
MoveFileA
MultiByteToWideChar
OpenMutexA
PeekNamedPipe
QueryDosDeviceA
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualFree
VirtualQuery
VirtualUnlock
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
lstrlenW
user32
OpenInputDesktop
OpenWindowStationA
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
SelectObject
SetMapMode
SetStretchBltMode
StretchBlt
shell32
CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderW
SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 254B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ