Static task
static1
Behavioral task
behavioral1
Sample
b0983f929163dcd09c1fb60ea18d24748bab1382357f0679d40f2d566bc64575.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b0983f929163dcd09c1fb60ea18d24748bab1382357f0679d40f2d566bc64575.exe
Resource
win10v2004-20220901-en
General
-
Target
b0983f929163dcd09c1fb60ea18d24748bab1382357f0679d40f2d566bc64575
-
Size
15KB
-
MD5
75a8320fa555a1048bb89fcf0633fa82
-
SHA1
b1bb05462e5487ac603ae15cc22f217079f6e650
-
SHA256
b0983f929163dcd09c1fb60ea18d24748bab1382357f0679d40f2d566bc64575
-
SHA512
9228c36f6e3abd15b534c727d46b4ca1d047b9ab20f40c675820866c5af93bd4c28955784b1a481913248e6d5272f3d58b2f93ee6b077d0507c121c28381eb5c
-
SSDEEP
192:Qol5m591V5BwMhoER58xP6jvNQuJNpVHmvrlY8VTeBpXQzK+0rblkIXXx1XXWfSC:Q+e9dBwMrO6ZQutVHmrqqKrwfSV16x
Malware Config
Signatures
Files
-
b0983f929163dcd09c1fb60ea18d24748bab1382357f0679d40f2d566bc64575.exe windows x86
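4d333650666fecf3482501fc120e6226 (unlabelled on this page; it differs from the file MD5 listed above and is presumably the PE import hash — confirm against the original report)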
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (static import table: shows which APIs the binary can call, not behaviour that was observed)
kernel32
CreateFileA
LocalAlloc
Sleep
CreateThread
CreateMutexA
CopyFileW
GetFileSize
CreateProcessA
GetEnvironmentVariableW
GetShortPathNameW
GetStartupInfoA
GetModuleHandleA
ReadFile
LocalFree
GetLastError
GetModuleFileNameW
CloseHandle
user32
SendMessageA
FindWindowExA
advapi32
RegQueryValueExA
RegCloseKey
RegSetValueExW
RegOpenKeyExA
shell32
SHGetSpecialFolderPathW
ShellExecuteW
msvcrt
_controlfp
_except_handler3
__set_app_type
memset
__CxxFrameHandler
strlen
sprintf
memcpy
strcpy
strcat
_mbsnbcpy
_mbsnbcmp
atol
_mbscmp
atoi
fclose
fwrite
fopen
strstr
wcslen
wcstombs
setlocale
wcscmp
wcscat
mbstowcs
wcsrchr
wcscpy
getenv
strcmp
time
free
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_strnicmp
wininet
HttpAddRequestHeadersA
HttpOpenRequestA
HttpEndRequestA
InternetWriteFile
HttpSendRequestA
InternetReadFile
HttpQueryInfoA
InternetAttemptConnect
InternetCloseHandle
InternetConnectA
InternetOpenA
HttpSendRequestExA
ws2_32
gethostbyname
inet_ntoa
WSAStartup
gethostname
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
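.data Size: 1KB - Virtual size: 3.8MB (the mapped size far exceeds the size on disk; the loader zero-fills the difference, so whatever is written there exists only at run time and is visible only in dynamic analysis or a memory dump)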
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE