Static task: static1
Behavioral task: behavioral1
    Sample: 8c4aac29cc12dc41da2116aafce8f87ff3cb940f0909f19fe3503070e7fc2993.exe
    Resource: win7-20220812-en
Behavioral task: behavioral2
    Sample: 8c4aac29cc12dc41da2116aafce8f87ff3cb940f0909f19fe3503070e7fc2993.exe
    Resource: win10v2004-20220812-en
General
Target: 8c4aac29cc12dc41da2116aafce8f87ff3cb940f0909f19fe3503070e7fc2993
Size: 665KB
MD5: 6117d3f6990a3e2b575c8149635d9240
SHA1: 217b848c7a4ab94feeb30aa5ecc03880a2f6daf3
SHA256: 8c4aac29cc12dc41da2116aafce8f87ff3cb940f0909f19fe3503070e7fc2993
SHA512: 343785e0f8c088f342d6779f43b0b8158be064c57d5aec63873d8bd98b2544e599b93f5d15aee0bfee2d92f3ff87bd6f3d740954d741f13af8990c3128b7b4b2
SSDEEP: 12288:eEn+ZSPONRVaxQ7HtPJ8b/6++NYxTvQQtcZIVt91UUKGFBUfa:WRVaxwwby+5TtU8WUlFBUy
Malware Config
Signatures
Files
8c4aac29cc12dc41da2116aafce8f87ff3cb940f0909f19fe3503070e7fc2993.exe (windows x86) cf9ab7e85de5030cf113178dabb6f6e8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP
Imports
kernel32
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LCMapStringW
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
CloseHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
ReadFile
SetLastError
TlsFree
HeapFree
TlsGetValue
TlsAlloc
LoadLibraryW
ExitProcess
GetModuleHandleW
OutputDebugStringW
lstrlenA
WriteConsoleW
OutputDebugStringA
WriteFile
GetStdHandle
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
GetModuleFileNameW
HeapReAlloc
HeapSize
HeapQueryInformation
SetFilePointer
GetTimeZoneInformation
SetStdHandle
FlushFileBuffers
CreateFileA
GetStringTypeW
CreateFileW
SetEndOfFile
GetProcessHeap
CompareStringW
GetLastError
LocalAlloc
CreateEventA
CreateThread
SetEvent
WaitForSingleObject
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
TlsSetValue
GetCurrentThreadId
lstrcatA
lstrcpyA
GetProcAddress
Sleep
HeapAlloc
LocalFree
LoadLibraryA
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
RaiseException
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
GetModuleHandleA
GetFileType
SetEnvironmentVariableA
user32
SetWindowTextW
GetSysColor
GetWindow
GetDesktopWindow
GetDialogBaseUnits
EnumWindows
EndDialog
SendDlgItemMessageA
SetWindowPlacement
GetWindowPlacement
SetMenuItemInfoA
GetMenuItemInfoA
UnionRect
wsprintfA
InvalidateRect
TranslateAcceleratorA
LoadAcceleratorsA
LoadStringA
AppendMenuA
GetMenu
GetSystemMetrics
EnableMenuItem
UnhookWindowsHookEx
SetWindowsHookExA
GetUserObjectSecurity
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetWindowLongA
SetWindowLongA
SetWindowRgn
ShowWindow
UpdateWindow
SetTimer
CallNextHookEx
TranslateMessage
DispatchMessageA
KillTimer
GetClientRect
CallWindowProcA
DefWindowProcA
CreateWindowExW
GetMessageA
SendMessageA
GetDC
ReleaseDC
MoveWindow
DestroyWindow
BeginPaint
EndPaint
PostQuitMessage
LoadImageA
GetWindowRect
ScreenToClient
SetRect
FillRect
CreateWindowStationA
AllowSetForegroundWindow
MessageBoxA
MapWindowPoints
DialogBoxParamA
GetDlgItem
gdi32
CombineRgn
DeleteObject
SaveDC
SetBkColor
ExtTextOutA
RestoreDC
GetStockObject
SelectObject
GetCurrentPositionEx
MoveToEx
LineTo
CreateSolidBrush
Ellipse
ExcludeClipRect
SelectClipRgn
StartDocA
StartPage
TextOutA
EndPage
EndDoc
DeleteDC
CreateDCA
CreateFontIndirectA
GetTextMetricsA
SetTextColor
GetObjectA
CreatePen
CreateEllipticRgn
comdlg32
ChooseFontA
PrintDlgA
advapi32
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
LookupAccountNameA
shell32
DragAcceptFiles
SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
SysAllocStringLen
SysStringLen
VariantInit
msimg32
GradientFill
shlwapi
wnsprintfA
pdh
PdhOpenQueryA
PdhAddCounterA
PdhOpenLogA
PdhUpdateLogA
PdhCloseLog
PdhCloseQuery
gdiplus
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipDeleteGraphics
GdipDeletePen
GdipFree
GdipCreatePen1
authz
AuthzInitializeResourceManager
AuthzFreeResourceManager
ntdsapi
DsUnBindA
eappcfg
EapHostPeerGetMethods
EapHostPeerFreeMemory
EapHostPeerInvokeInteractiveUI
EapHostPeerFreeErrorMemory
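The 32-character hex value printed beside the file name in the Files section is, in this report format, the import hash (imphash): an MD5 over the normalised import table, which is what makes it useful for clustering builds that share a linker configuration even when the file hashes differ (that the value is the imphash is an assumption about the page layout; the report does not label it). The following added example, which is not code from the report or from the sandbox, reproduces pefile's normalisation rules so the value can be recomputed from any sample's import table. The embedded list is an excerpt of the imports above and is labelled as such; the report's value is only reproduced from the binary's complete import directory in its original order.

```python
import hashlib

# pefile strips exactly these extensions from the DLL name before hashing.
_STRIPPED_EXTENSIONS = (".dll", ".ocx", ".sys")


def normalize_dll(name: str) -> str:
    """Lower-case the DLL name and drop a .dll/.ocx/.sys suffix, as pefile does."""
    name = name.lower()
    for ext in _STRIPPED_EXTENSIONS:
        if name.endswith(ext):
            return name[: -len(ext)]
    return name


def imphash_string(imports) -> str:
    """Build the comma-joined 'dll.function' list that gets hashed.

    imports: iterable of (dll_name, entries) in import-directory order, where each
    entry is a function name or an int ordinal. Ordinals become 'ordN'. pefile also
    resolves ordinals of a few well-known DLLs (ws2_32, oleaut32, ...) to names via
    a lookup table that is omitted here, so ordinal imports from those DLLs would
    hash differently; the sample above imports everything by name, so it is unaffected.
    """
    parts = []
    for dll, entries in imports:
        lib = normalize_dll(dll)
        for entry in entries:
            func = f"ord{entry}" if isinstance(entry, int) else entry.lower()
            parts.append(f"{lib}.{func}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised import list; the order of DLLs and functions matters."""
    return hashlib.md5(imphash_string(imports).encode()).hexdigest()


# Excerpt of the import table listed above (first few entries of four DLLs), kept
# short for illustration; it does not reproduce the report's value.
SAMPLE_IMPORTS = [
    ("kernel32", ["HeapCreate", "GetEnvironmentStringsW", "FreeEnvironmentStringsW", "GetModuleFileNameA"]),
    ("user32", ["SetWindowTextW", "GetSysColor", "GetWindow", "GetDesktopWindow"]),
    ("advapi32", ["RegQueryValueExW", "RegCloseKey", "RegOpenKeyExW"]),
    ("eappcfg", ["EapHostPeerGetMethods", "EapHostPeerFreeMemory"]),
]

if __name__ == "__main__":
    print(imphash_string(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Because the hash is order-sensitive, two samples built from the same source with a different link order produce different imphashes, and a packer that rebuilds the import table at runtime leaves only the stub's imports to be hashed; treat a match as a strong similarity signal, not as proof of identical code.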
Sections
.text Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 178KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
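The DLL Characteristics listed above combine flags that do not normally appear together on a 32-bit user-mode executable: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA is only meaningful for 64-bit images, IMAGE_DLLCHARACTERISTICS_WDM_DRIVER is for kernel drivers, and IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is absent even though the file carries a .reloc section, so the image opts out of ASLR. Such a combination is worth re-checking against the binary with an independent parser. The following example is added here and is not code from the report; it reads the COFF header, the optional header's Subsystem and DllCharacteristics, and the section table using only the standard library, decodes them to the names used on this page, and flags the inconsistencies above. The sample header bytes are constructed to carry the values implied by the report (assumption: the flag names above, taken literally, encode FileHeader.Characteristics 0x083E and DllCharacteristics 0xAD20); pass a real file path to run it on an actual binary.

```python
import struct
import sys

# Bit values from winnt.h.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED", 0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED", 0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0010: "IMAGE_FILE_AGGRESIVE_WS_TRIM", 0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x0200: "IMAGE_FILE_DEBUG_STRIPPED",
    0x0800: "IMAGE_FILE_NET_RUN_FROM_SWAP", 0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0200: "IMAGE_DLLCHARACTERISTICS_NO_ISOLATION", 0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x0800: "IMAGE_DLLCHARACTERISTICS_NO_BIND", 0x1000: "IMAGE_DLLCHARACTERISTICS_APPCONTAINER",
    0x2000: "IMAGE_DLLCHARACTERISTICS_WDM_DRIVER", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_SUBSYSTEM_NATIVE = 1


def decode_flags(value, table):
    """Names of the set bits, in ascending bit order (the order the report lists them in)."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Read the COFF header, Subsystem/DllCharacteristics and the section table of a PE image."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]  # 0x10B = PE32, 0x20B = PE32+
    # Subsystem and DllCharacteristics sit at offsets 0x44/0x46 of the optional header in both formats.
    subsystem, dll_chars = struct.unpack_from("<HH", data, opt + 0x44)
    sections = []
    for i in range(nsections):
        name, vsize, _, rawsize, *_, chars = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(chars, SECTION_CHARACTERISTICS)})
    return {"machine": machine, "pe32plus": magic == 0x20B, "subsystem": subsystem,
            "file_characteristics": decode_flags(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dll_chars, DLL_CHARACTERISTICS),
            "sections": sections}


def sanity_findings(info: dict) -> list:
    """Header combinations that do not belong together and warrant a second parser's opinion."""
    dc, fc, out = set(info["dll_characteristics"]), set(info["file_characteristics"]), []
    if "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA" in dc and not info["pe32plus"]:
        out.append("HIGH_ENTROPY_VA on a PE32 image: the flag is only meaningful for 64-bit images")
    if "IMAGE_DLLCHARACTERISTICS_WDM_DRIVER" in dc and info["subsystem"] != IMAGE_SUBSYSTEM_NATIVE:
        out.append("WDM_DRIVER on a non-native subsystem image")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dc and "IMAGE_FILE_RELOCS_STRIPPED" not in fc:
        out.append("no DYNAMIC_BASE: image opts out of ASLR although it carries relocations")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            out.append(f"section {s['name']} is writable and executable")
    return out


def build_sample_pe(file_chars=0x083E, dll_chars=0xAD20, pe32plus=False) -> bytes:
    """Constructed header-only PE (no code) carrying the flag values and sections listed in the report."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew
    opt_size = 240 if pe32plus else 224  # optional header including 16 data directories
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 5, 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B if pe32plus else 0x10B)
    struct.pack_into("<HH", opt, 0x44, 2, dll_chars)  # IMAGE_SUBSYSTEM_WINDOWS_GUI

    def sec(name, vsize, rawsize, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0, rawsize, 0, 0, 0, 0, 0, chars)

    secs = (sec(b".text", 175 * 1024, 176 * 1024, 0x60000020) + sec(b".rdata", 224 * 1024, 224 * 1024, 0x40000040)
            + sec(b".data", 76 * 1024, 69 * 1024, 0xC0000040) + sec(b".rsrc", 178 * 1024, 178 * 1024, 0x40000040)
            + sec(b".reloc", 16 * 1024, 16 * 1024, 0x42000040))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(data)
    for key in ("file_characteristics", "dll_characteristics"):
        print(key, info[key])
    for s in info["sections"]:
        print(s["name"], s["virtual_size"], s["raw_size"], s["flags"])
    for finding in sanity_findings(info):
        print("check:", finding)
```

If the real binary's DllCharacteristics word does not decode to the list shown above, the report's parser, not the file, is the thing to distrust; if it does, the flag word was set by hand or by an unusual linker, which is itself a useful triage signal. None of the sections on this page is both writable and executable, so the W+X check stays quiet for this sample.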