Static task
static1
Behavioral task
behavioral1
Sample
00b9a52f5613e88234c66144475ea305e21276be4207253a977f6502fc2d4b35.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
00b9a52f5613e88234c66144475ea305e21276be4207253a977f6502fc2d4b35.exe
Resource
win10v2004-20220812-en
General
-
Target
00b9a52f5613e88234c66144475ea305e21276be4207253a977f6502fc2d4b35
-
Size
1.3MB
-
MD5
a1f22ba2b8f1154e8b2faa378f26be32
-
SHA1
57379cd735df576b5e6d5e4430e3799b67e867b3
-
SHA256
00b9a52f5613e88234c66144475ea305e21276be4207253a977f6502fc2d4b35
-
SHA512
1bbc70955ad2ba1a5ac4c07004ff53b3ce02f391b3c4a84cf4e33156eb454acff16eeb40d82884ad63f1a3797aa92b8c754edc533b1ddc26c1cbb63f3fb7c267
-
SSDEEP
24576:/l2ZDBaZPAr1/wWeFbL8OSk8lNeR7CjfM0ZBpQcYt+LmiG/a4R5VG:0uOtq7f0ZBnYCs+
Malware Config
Signatures
Files
-
00b9a52f5613e88234c66144475ea305e21276be4207253a977f6502fc2d4b35.exe windows x86
776e1a020754b3f79cd2a9505b7fa751
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
FreeLibrary
InterlockedDecrement
lstrlenW
LoadLibraryW
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CreateEventW
SetEvent
GetTickCount
GetFileSize
lstrcpyW
lstrcmpiW
CompareStringW
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
WriteFile
InterlockedIncrement
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
TerminateThread
WaitForSingleObject
GetLocalTime
OutputDebugStringW
GetCurrentProcessId
FreeResource
SizeofResource
LockResource
GetProcAddress
FindResourceW
GetVersionExW
ResetEvent
WaitForMultipleObjects
SetFileAttributesW
SetCurrentDirectoryW
CreateProcessW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetTempPathW
GetStdHandle
LoadLibraryExW
GetWindowsDirectoryW
GetSystemDirectoryW
SetFileTime
MoveFileW
CreateDirectoryW
GetShortPathNameW
GetFullPathNameW
GetCurrentDirectoryW
SearchPathW
GetTempFileNameW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetLogicalDriveStringsW
SetFilePointer
GetFileInformationByHandle
SetEndOfFile
CompareFileTime
FileTimeToSystemTime
OpenProcess
TerminateProcess
GetCurrentProcess
FlushInstructionCache
CopyFileW
ExitProcess
CreateMutexW
GetLastError
EnterCriticalSection
LeaveCriticalSection
CreateFileW
ReadFile
CloseHandle
GetCommandLineW
GetUserDefaultLangID
GetSystemDefaultLangID
GetCurrentThreadId
Sleep
DeleteFileW
LoadResource
GetStartupInfoW
user32
EnableWindow
DrawTextW
MoveWindow
GetClassNameW
GetWindowTextLengthW
GetWindowTextW
GetDC
OffsetRect
CharNextW
SetWindowTextW
UpdateWindow
EndDialog
GetDlgItem
ScreenToClient
SetDlgItemTextW
IsWindowVisible
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
CreateWindowExW
LoadStringW
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowW
SetRectEmpty
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
MessageBoxW
PostThreadMessageW
CreateDialogParamW
SetFocus
SetCursor
PtInRect
InvalidateRect
EndPaint
BeginPaint
GetDlgCtrlID
FillRect
DrawFocusRect
GetFocus
GetSysColor
IsWindowEnabled
CharLowerW
GetForegroundWindow
GetParent
GetActiveWindow
ShowWindow
PostMessageW
SetTimer
IsDialogMessageW
PostQuitMessage
DestroyWindow
LoadImageW
GetSystemMetrics
KillTimer
SetForegroundWindow
SendMessageW
IsWindow
GetWindowLongW
DefWindowProcW
SetWindowLongW
CallWindowProcW
CharToOemW
CharUpperW
GetDesktopWindow
DrawIcon
ReleaseDC
FindWindowExW
GetWindowThreadProcessId
gdi32
SetBkMode
CreateBrushIndirect
SetTextColor
CreateCompatibleDC
DeleteObject
DeleteDC
GetStockObject
GetObjectW
CreateFontIndirectW
BitBlt
SelectObject
CreateSolidBrush
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ole32
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
VariantClear
VariantCopy
SysAllocString
shlwapi
PathRemoveFileSpecW
PathAddBackslashW
PathFindFileNameW
PathFileExistsW
PathCombineW
StrStrIW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
iphlpapi
GetAdaptersInfo
msvcp60
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?_Refcnt@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEAAEPBG@Z
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
?insert@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IPBGI@Z
??8std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7out_of_range@std@@6B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
psapi
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW
comctl32
InitCommonControlsEx
_TrackMouseEvent
wininet
InternetErrorDlg
InternetOpenW
HttpQueryInfoW
InternetSetStatusCallbackW
InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW
InternetReadFileExA
InternetConnectW
msvcrt
wcscat
vswprintf
_wcslwr
wcscmp
wcspbrk
wcschr
wcstok
swprintf
wcsncmp
wcsncpy
rand
malloc
_wtoi
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_ftol
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_beginthreadex
memmove
wcsstr
free
wcscpy
realloc
_wcsicmp
__CxxFrameHandler
wcslen
_purecall
tolower
wcsrchr
_exit
_controlfp
_onexit
__dllonexit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
_waccess
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
Sections
.text Size: 300KB - Virtual size: 300KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB (note: this data section carries both IMAGE_SCN_MEM_EXECUTE and IMAGE_SCN_MEM_WRITE below, i.e. it is writable and executable)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 948KB - Virtual size: 948KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ