Static task: static1
Behavioral task: behavioral1
Sample: c42e69038920cc5ab820cd09f1f32c99452342da65e94ab734c05e0fba3716d5.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: c42e69038920cc5ab820cd09f1f32c99452342da65e94ab734c05e0fba3716d5.exe
Resource: win10v2004-20220901-en
General
Target: c42e69038920cc5ab820cd09f1f32c99452342da65e94ab734c05e0fba3716d5
Size: 198KB
MD5: 7acc2d801e49093c569a52af2784fb11
SHA1: 1fb14d8f647ac5d479d6b146a25f0f203fd016e3
SHA256: c42e69038920cc5ab820cd09f1f32c99452342da65e94ab734c05e0fba3716d5
SHA512: 7443640a6af31787f40c3151ddef91a76dbafa0e9a8bc6699ed40d5ebb6ced53b8a59230adb0d8e8d3b0909eb4e5b23513003843b167b3ad426628bf2bc02e73
SSDEEP: 6144:zops+8+Q8PpB4tpOzQRnzy8ee0UPKxNkmb:zSs+TPo9nWBe0UPKD
Malware Config
Signatures
Files
-
c42e69038920cc5ab820cd09f1f32c99452342da65e94ab734c05e0fba3716d5.exe windows x86
2f71cec56ca9eda2a3f0c49bf6442950
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
InitializeCriticalSection
OutputDebugStringW
lstrcpyW
GlobalUnlock
GlobalLock
DeleteFileA
InterlockedIncrement
IsBadReadPtr
GlobalAlloc
IsValidCodePage
lstrcmpiW
InterlockedDecrement
GetSystemTimeAsFileTime
GetEnvironmentStringsA
DeleteCriticalSection
GetDateFormatW
WideCharToMultiByte
GetStartupInfoA
LoadLibraryW
FileTimeToSystemTime
GetLastError
FileTimeToLocalFileTime
MultiByteToWideChar
GetComputerNameW
OutputDebugStringA
GetProcAddress
GetSystemWindowsDirectoryW
SetUnhandledExceptionFilter
GlobalFree
QueryPerformanceCounter
CreateFileW
GetModuleFileNameW
LocalReAlloc
GetCPInfo
FormatMessageW
lstrlenW
GetModuleHandleA
LocalFree
CloseHandle
GetCurrentProcess
SetLastError
msvcrt
wcsrchr
mbstowcs
wcscmp
_purecall
free
_wcsupr
_wcsicmp
??2@YAPAXI@Z
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
wcstoul
_onexit
_except_handler3
malloc
__RTDynamicCast
memmove
wcschr
__dllonexit
_adjust_fdiv
wcscat
wcsstr
vswprintf
wcscpy
??3@YAXPAX@Z
wcslen
certcli
CAGetCertTypeExtensions
CAUpdateCertType
CASetCertTypeProperty
CAEnumCertTypes
CASetCertTypeKeySpec
CAFindCertTypeByName
CASetCertTypeExtension
CAUpdateCA
CAGetCertTypeKeySpec
CAFreeCertTypeExtensions
CAFindByName
CAEnumCertTypesForCA
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CACreateCertType
CACloseCA
CARemoveCACertificateType
CAGetCertTypeFlags
CAFreeCertTypeProperty
CACloseCertType
CAEnumNextCertType
CAGetCertTypeProperty
CAGetCAProperty
CAFreeCAProperty
CASetCertTypeFlags
CACertTypeGetSecurity
CAAddCACertificateType
comctl32
PropertySheetW
CreatePropertySheetPageW
user32
GetDC
wsprintfW
ReleaseDC
SetDlgItemTextW
LoadIconW
LoadCursorW
MessageBoxW
InsertMenuItemW
EndDialog
WinHelpW
LoadBitmapW
DialogBoxParamW
GetParent
GetDlgItem
RegisterClipboardFormatW
SetWindowTextW
SetCursor
GetDlgItemTextA
SystemParametersInfoW
LoadImageW
SetFocus
SendDlgItemMessageW
GetWindowLongW
PostMessageW
LoadStringW
SetWindowLongW
SendMessageW
EnableWindow
gdi32
DeleteObject
CreateFontIndirectW
GetDeviceCaps
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
ole32
CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoCreateInstanceEx
GetHGlobalFromStream
CoSetProxyBlanket
StringFromGUID2
CreateStreamOnHGlobal
shell32
ShellExecuteW
ShellExecuteExW
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.hdata Size: 78KB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ