Static task: static1
Behavioral task: behavioral1
Sample: a2192a2df9f1667345f2c80325e85f05b1131348400692a3c8a0b46913a3ef90.exe
Resource: win7-20220812-en
General
- Target: a2192a2df9f1667345f2c80325e85f05b1131348400692a3c8a0b46913a3ef90
- Size: 1.2MB
- MD5: 4219a833173bfc883d8bdb652c00d200
- SHA1: 5a6996414ae334dbd41c482477920a9dc9c5feff
- SHA256: a2192a2df9f1667345f2c80325e85f05b1131348400692a3c8a0b46913a3ef90
- SHA512: 40e0b8aa99682f2074376cc6e174b04bfedf758ff8d7fdc94fa27d826dd32eb2f8776f4413dad941f2d5b7968604a721ca52347f48e53c05e2b693dd3e69b229
- SSDEEP: 24576:RqSZJUz8e5uyo9c4siUPWc3EWTYPsyvrNFIfy:BeK9YqeRTY0Ur7sy
Files
- a2192a2df9f1667345f2c80325e85f05b1131348400692a3c8a0b46913a3ef90.exe windows x86
  4e6170cd60dcc43955a0d9e488f6545a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
wininet
InternetQueryOptionA
kernel32
DeviceIoControl
lstrlenW
GlobalFree
GlobalAlloc
ProcessIdToSessionId
LocalFree
OutputDebugStringW
OpenMutexW
CreateMutexW
MapViewOfFileEx
MulDiv
InterlockedDecrement
GetCPInfo
IsDBCSLeadByte
GetFullPathNameW
InitializeCriticalSection
DeleteCriticalSection
CreateThread
lstrcpynW
GlobalLock
GlobalUnlock
GetFileAttributesW
FindNextFileW
ExitProcess
SetEndOfFile
GetFileType
CreateDirectoryW
TerminateThread
ResetEvent
GetDriveTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetCurrentDirectoryA
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
SetHandleCount
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetModuleHandleA
RtlUnwind
GetStartupInfoW
FileTimeToLocalFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetACP
FileTimeToSystemTime
GetTempPathW
GetTempFileNameW
ReleaseMutex
GetLogicalDrives
CopyFileW
FindClose
FindFirstFileW
GetDriveTypeW
GetCurrentProcessId
ReadProcessMemory
WritePrivateProfileStringW
CreateFileA
VirtualQueryEx
SetUnhandledExceptionFilter
GetThreadSelectorEntry
FreeLibrary
VirtualQuery
GetVersionExW
GetCurrentThread
GetModuleFileNameA
UnmapViewOfFile
ExitThread
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
InterlockedIncrement
GetProcAddress
GetModuleFileNameW
LoadLibraryW
SetFilePointer
Sleep
GetFileSize
WriteFile
MoveFileW
lstrlenA
MoveFileExW
SetLastError
RaiseException
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
ReadFile
CreateFileW
SizeofResource
MultiByteToWideChar
FindResourceExW
CloseHandle
LockResource
DeleteFileW
LoadResource
WaitForSingleObject
LeaveCriticalSection
WriteConsoleW
EnterCriticalSection
GetLastError
WideCharToMultiByte
GetStdHandle
SystemTimeToFileTime
GetLocalTime
FindResourceW
GetTickCount
SetEvent
CreateEventW
IsBadReadPtr
GetUserDefaultLCID
user32
CreateWindowExW
GetClassInfoExW
RegisterClassExW
SystemParametersInfoW
UnregisterClassA
SendMessageW
IsWindowVisible
SetWindowPos
SetWindowRgn
GetWindowRect
GetClientRect
ScreenToClient
SetRect
SetClipboardData
RegisterClipboardFormatW
GetClipboardData
EnableWindow
SetWindowLongW
GetCursorPos
GetParent
GetMonitorInfoW
IsWindow
SetWindowTextW
GetDlgItem
ShowWindow
EndDialog
MonitorFromPoint
SetTimer
PostMessageW
InvalidateRect
GetKeyState
LoadCursorW
PtInRect
KillTimer
SetCursor
CreateDialogParamW
DispatchMessageW
GetMessageW
GetForegroundWindow
SetForegroundWindow
TranslateMessage
MoveWindow
EnumDisplayMonitors
DefWindowProcW
UnregisterClassW
UpdateLayeredWindow
UpdateWindow
GetSystemMetrics
TrackMouseEvent
GetDlgCtrlID
EndPaint
BeginPaint
GetDesktopWindow
SetPropW
GetWindow
GetPropW
DrawTextW
SendInput
PostQuitMessage
LoadImageW
DestroyIcon
GetWindowLongW
DialogBoxParamW
CloseClipboard
GetMessageExtraInfo
SetCapture
GetDC
LoadIconW
ReleaseCapture
GetWindowPlacement
IsWindowEnabled
EnumClipboardFormats
ReleaseDC
OpenClipboard
OffsetRect
EmptyClipboard
DestroyWindow
DrawIconEx
IsIconic
gdi32
SaveDC
RestoreDC
CombineRgn
ExtCreateRegion
CreateCompatibleDC
Rectangle
CreateSolidBrush
CreateDIBSection
CreateFontIndirectW
GetDeviceCaps
PatBlt
GetObjectW
SetTextColor
SetBkMode
MoveToEx
SelectObject
GetFontUnicodeRanges
LineTo
DeleteDC
BitBlt
DeleteObject
CreateFontW
GetDIBits
CreatePen
advapi32
RegSetValueExW
RegOpenKeyW
LookupAccountSidW
GetTokenInformation
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
IsTextUnicode
GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
LookupAccountNameW
ConvertSidToStringSidW
OpenProcessToken
shell32
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW
ole32
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoGetInterfaceAndReleaseStream
CLSIDFromProgID
CoMarshalInterThreadInterfaceInStream
CoFreeLibrary
CoLoadLibrary
OleInitialize
OleUninitialize
oleaut32
SysAllocStringByteLen
SysFreeString
shlwapi
wnsprintfW
PathFileExistsW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
ws2_32
recv
inet_ntoa
connect
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAAsyncSelect
ntohs
htonl
WSAGetLastError
closesocket
gethostbyname
sendto
WSACleanup
WSAStartup
htons
ntohl
inet_addr
send
shutdown
setsockopt
socket
netapi32
NetApiBufferFree
NetWkstaTransportEnum
Netbios
Sections
.text Size: 836KB - Virtual size: 833KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 180KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 44KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE