Static task
static1
Behavioral task
behavioral1
Sample
8de8f77fd48cc640584bc850479f18eb56fb78841750eadac7c8d27f189b0eb9.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
8de8f77fd48cc640584bc850479f18eb56fb78841750eadac7c8d27f189b0eb9.exe
Resource
win10v2004-20220812-en
General
Target: 8de8f77fd48cc640584bc850479f18eb56fb78841750eadac7c8d27f189b0eb9
Size: 26KB
MD5: 76fe49cc6a852f6a5ba7a9609bee4390
SHA1: f0c6e69306573e2ddeabb58c78b46c4bb5938f4f
SHA256: 8de8f77fd48cc640584bc850479f18eb56fb78841750eadac7c8d27f189b0eb9
SHA512: 32ad80ff3b198c6c32d329970812de32aed2d9b4b43f42100dab2b489212a1c2946659b28812fc7deef59c2557e8e0bc081978b44c2369228535b4f001c0278b
SSDEEP: 384:uDDXZTCW7Y66mWGvrnsV8HpSLTjqiOl6b71qf8gOvRT88k/7/JQsBWwlwVC:UZGoY66mWGTsKUvjKl6c0/nkjHt
Files
8de8f77fd48cc640584bc850479f18eb56fb78841750eadac7c8d27f189b0eb9.exe windows x86
89ec35feec72d5237b3aa0e085b26070
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempFileNameW
GetTempPathW
GetTickCount
GetWindowsDirectoryW
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryExA
GetTapeParameters
SetEvent
SetLastError
UnhandledExceptionFilter
UnmapViewOfFile
WriteFileEx
lstrcpynW
GetStartupInfoA
GetModuleHandleW
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateFileMappingW
CreateProcessW
CreateFileW
LoadLibraryW
dbghelp
SymGetModuleInfo
SymMatchString
SymRegisterFunctionEntryCallback64
SymEnumerateSymbolsW64
MiniDumpWriteDump
MiniDumpReadDumpStream
ImagehlpApiVersion
EnumerateLoadedModules
dbghelp
shlwapi
PathFindFileNameW
PathQuoteSpacesW
PathRemoveFileSpecW
HashData
StrToIntW
PathAppendW
StrCmpW
SHIsLowMemoryMachine
imm32
ImmSetHotKey
ImmGetConversionListA
oleaut32
SysStringByteLen
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
SysAllocString
SysStringLen
gdi32
GetObjectW
DeleteObject
CreatePen
SetBkMode
PolyPolyline
shell32
CommandLineToArgvW
SHAddToRecentDocs
user32
SetClassLongW
SetScrollRange
PeekMessageA
EnumChildWindows
CountClipboardFormats
DispatchMessageA
crypt32
CertNameToStrW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CertOpenStore
Sections
.text Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ