Static task: static1
Behavioral task: behavioral1
Sample: dd42ec3873f53d5fd092834b7b09d1d89084d69c1901a4582509299ffe8de296.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: dd42ec3873f53d5fd092834b7b09d1d89084d69c1901a4582509299ffe8de296.exe
Resource: win10v2004-20220812-en
General
Target: dd42ec3873f53d5fd092834b7b09d1d89084d69c1901a4582509299ffe8de296
Size: 75KB
MD5: 03878d6b37a506ce21c67122c8c44904
SHA1: 2b616847621d2ea603bbf3191a26ae1a63725d77
SHA256: dd42ec3873f53d5fd092834b7b09d1d89084d69c1901a4582509299ffe8de296
SHA512: deec42c7a543558cbe0dafc0e4e0820f9dc5e44806f2557c0ec8a91d0321f67ac6903d8641e7717ef7488be1ac109ef4e0067615fb9e4cab808a1d57890bd232
SSDEEP: 1536:idE8BanWe/2GWeR6LLzAiHfY3XNHvbotsyWxeniIFRy:idraX/2GB40R5bot8EbFI
Malware Config
Signatures
Files
dd42ec3873f53d5fd092834b7b09d1d89084d69c1901a4582509299ffe8de296.exe windows x86
48856170a6db65e1dd79f207c620e5e0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
GetCurrentThread
FreeEnvironmentStringsA
GetWindowsDirectoryA
SystemTimeToFileTime
DeleteFileA
GetFileType
IsBadReadPtr
lstrcmpiA
RtlMoveMemory
GetShortPathNameA
GetTempPathA
GetThreadLocale
GetFileAttributesW
CreateFileMappingA
InterlockedDecrement
GetModuleHandleA
SetCurrentDirectoryA
OutputDebugStringA
GetExitCodeProcess
GetOEMCP
GlobalLock
VirtualProtect
GetCommandLineA
GetProcAddress
SizeofResource
GetLastError
LoadResource
LocalFree
GetVersion
GetLocaleInfoA
msvcrt
_adjust_fdiv
__p___initenv
__p__fmode
_XcptFilter
__p__commode
_initterm
_exit
__set_app_type
__getmainargs
_controlfp
_except_handler3
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ