WSPStartup
Static task: static1
Behavioral task: behavioral1
Sample: 0c3bf2f6334a7c57b9456671563fb72af6140067a461c8fc12dfb4280073b0fc.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 0c3bf2f6334a7c57b9456671563fb72af6140067a461c8fc12dfb4280073b0fc.dll
Resource: win10v2004-20220812-en
General
Target: 0c3bf2f6334a7c57b9456671563fb72af6140067a461c8fc12dfb4280073b0fc
Size: 2.2MB
MD5: f673b1daf06c7b3c448735b772433b6b
SHA1: 3a70c6b4944686a7bb7dd73c2a42ee6fc8ea0285
SHA256: 0c3bf2f6334a7c57b9456671563fb72af6140067a461c8fc12dfb4280073b0fc
SHA512: 2b6d4f3a3967ce589a4678a00a0df40a2fd9ce9963d7ca916a0caee1c43de81641f31e4b0fabc462fd8d114daec72282d81f3830a14df6ec1ba275448ca6e99f
SSDEEP: 49152:5OlPwHrNKDiLODawyf6HyiKaHOk73/yiyBsTGM:gU4DiO/yiyL
Malware Config
Signatures
Files
0c3bf2f6334a7c57b9456671563fb72af6140067a461c8fc12dfb4280073b0fc.dll windows x64
8bd5b3513645839e78a7252eeece8a1b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetVersion
QueryPerformanceCounter
LCMapStringW
GetStringTypeW
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
GetStartupInfoW
GetStdHandle
WriteConsoleW
SetHandleCount
FlsAlloc
FlsFree
FlsGetValue
IsValidCodePage
GetTimeZoneInformation
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SizeofResource
TerminateProcess
ExitProcess
ExitThread
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
HeapReAlloc
VirtualQuery
GetSystemInfo
SetThreadStackGuarantee
VirtualAlloc
GetCommandLineA
FlsSetValue
DecodePointer
EncodePointer
RtlUnwindEx
RtlLookupFunctionEntry
GetSystemTimeAsFileTime
RtlPcToFileHeader
RaiseException
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
FindResourceA
FreeResource
GlobalFindAtomA
lstrcmpW
GlobalDeleteAtom
GetUserDefaultUILanguage
ResumeThread
SetThreadPriority
GlobalFlags
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpA
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
ReleaseActCtx
GetModuleFileNameW
GetModuleHandleW
CompareStringA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
LocalAlloc
InitializeCriticalSectionAndSpinCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
ActivateActCtx
DeactivateActCtx
GetModuleHandleA
CreateFileA
lstrcmpiA
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
GetACP
MultiByteToWideChar
GetLocaleInfoA
GetCurrentProcessId
CopyFileA
CreateProcessA
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FreeLibrary
ExpandEnvironmentStringsW
LoadLibraryW
ExpandEnvironmentStringsA
LoadLibraryA
GetProcAddress
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
CreateThread
GetTickCount
lstrlenA
lstrcpyA
GetCurrentThreadId
CreateFileMappingA
GetLastError
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetPrivateProfileStringA
CreateDirectoryA
GetVersionExA
GetModuleFileNameA
GetSystemDirectoryA
GetTempPathA
Sleep
DeleteFileA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
CompareStringW
user32
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetKeyNameTextA
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
DrawFrameControl
DrawEdge
DrawStateA
GetSystemMenu
LoadMenuW
SetClassLongPtrA
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
DrawIconEx
GetNextDlgGroupItem
LoadImageA
CopyImage
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
RedrawWindow
DestroyMenu
GetMenuItemInfoA
KillTimer
SetTimer
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IntersectRect
InflateRect
RegisterWindowMessageA
LoadIconW
DrawMenuBar
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendMessageA
FindWindowA
MessageBoxA
IsWindow
GetWindowThreadProcessId
PostQuitMessage
SetForegroundWindow
IsIconic
PostMessageA
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongA
IsDialogMessageA
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
GetWindowRgn
SendDlgItemMessageA
GetDlgItem
CheckDlgButton
GetScrollPos
DestroyCursor
DrawIcon
MapDialogRect
GetDoubleClickTime
SubtractRect
LoadIconA
GetClassNameA
IsWindowVisible
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
GetSystemMetrics
CharUpperA
GetDesktopWindow
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
LoadCursorA
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
GetWindowTextA
GetWindowTextLengthA
DestroyIcon
SetWindowTextA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
RealChildWindowFromPoint
GetFocus
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetFocus
SetScrollPos
CharUpperBuffA
gdi32
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetTextExtentPoint32A
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
CreateDIBitmap
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
PatBlt
DPtoLP
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
GetDeviceCaps
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCA
CopyMetaFileA
SetWindowExtEx
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
shell32
DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
SHBrowseForFolderA
ShellExecuteA
comctl32
ImageList_GetIconSize
shlwapi
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
ole32
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
DoDragDrop
OleCreateMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoInitialize
CoInitializeEx
CreateStreamOnHGlobal
CoCreateInstance
oleaut32
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SysStringLen
VariantChangeType
VariantClear
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
VariantInit
SysAllocString
SysFreeString
GetErrorInfo
ws2_32
inet_ntoa
ntohs
inet_addr
WSCGetProviderPath
WSCEnumProtocols
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Exports
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 529KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ