Static task
static1
Behavioral task
behavioral1
Sample
ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830.exe
Resource
win10v2004-20220901-en
General
Target
ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
Size
201KB
MD5
916c3ee6ff923f3649c311c00da1f04d
SHA1
54c68a00dff28730817aaa292552a89eb0432083
SHA256
ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830
SHA512
135de02808cb87d44a6b602edc99106e17294cafa7df1055844b37e7555cdb6026ad5cca87fe4ef1f1ee72d73dfd4b3ba618656f58cc6baf9cfdf330ff3869ea
SSDEEP
6144:ToGHohfBO/EjvZX+FLwCrRrYSRnWXAojbq:lIhpO/EjhX+frRrRnE9
Malware Config
Signatures
Files
ab5cdc0493772658a16c99cc7f8af2c1d60cbb1a8f4bd9e5dbe9b99ada86a830.exe windows x86
17d63088ae86445957adb732beab99c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadWritePtr
GetFileType
CreateNamedPipeW
MoveFileA
CopyFileExA
GetProcAddress
SetErrorMode
OpenEventW
GlobalFindAtomW
ReadDirectoryChangesW
EnumCalendarInfoA
GetCommandLineA
GetModuleHandleA
ExpandEnvironmentStringsW
Sleep
TlsAlloc
user32
LoadImageW
DrawTextW
GetWindowRgn
GetAsyncKeyState
GetKeyboardType
UnregisterClassA
CreateWindowExA
PostMessageA
CheckRadioButton
PostMessageW
GetIconInfo
CharPrevA
UpdateLayeredWindow
GetActiveWindow
IsIconic
UnregisterClassW
FindWindowW
GetDC
RegisterWindowMessageW
GetKeyState
CreateAcceleratorTableW
GetScrollPos
GetCapture
DialogBoxParamA
MonitorFromPoint
GetDlgItem
CreateCaret
DestroyMenu
SendMessageW
GetDlgItemTextA
GetDC
GetWindowTextLengthW
MessageBoxW
GetWindowTextLengthA
CharNextA
CreateDesktopA
UpdateWindow
CopyRect
GetWindowTextA
RegisterClassA
EndMenu
gdi32
EnumFontFamiliesW
GetColorSpace
SetICMProfileA
CreateEnhMetaFileW
GetNearestPaletteIndex
SetROP2
GetTextAlign
GetRasterizerCaps
SetArcDirection
SetDeviceGammaRamp
CloseFigure
CreateDCW
CreatePolyPolygonRgn
CreatePolygonRgn
CreateFontIndirectExW
PlayEnhMetaFile
CreateDIBPatternBrushPt
GetCharacterPlacementW
GetTextExtentPointW
PolyBezier
advapi32
RegOpenKeyA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegEnumValueW
RegReplaceKeyW
RegEnumValueA
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegRestoreKeyA
shell32
StrCmpNA
StrStrIW
StrNCmpIA
StrNCmpIW
Shell_NotifyIconW
SHGetDiskFreeSpaceExW
StrNCmpW
StrChrIW
shlwapi
SHRegGetBoolUSValueA
SHOpenRegStreamW
AssocQueryStringByKeyA
PathStripPathA
StrCmpIW
PathUnquoteSpacesA
StrToInt64ExA
PathIsRootW
UrlUnescapeA
StrRChrW
Sections
.tcS Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.OXMZ Size: 4KB - Virtual size: 495KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.sreVG Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.k Size: 2KB - Virtual size: 458KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 108KB - Virtual size: 422KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.RGEXB Size: 4KB - Virtual size: 339KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 850B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ