CPlApplet
Static task
static1
Behavioral task
behavioral1
Sample
7415efca954aac023e556ad38190750c7b20e76ebf8dbf58ca29aada555aa533.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7415efca954aac023e556ad38190750c7b20e76ebf8dbf58ca29aada555aa533.dll
Resource
win10v2004-20220901-en
General
Target: 7415efca954aac023e556ad38190750c7b20e76ebf8dbf58ca29aada555aa533
Size: 80KB
MD5: a1a811ef3ab4e2877be5812b12f908b7
SHA1: a62b804314a0004e9f6f834dfae48f0b6fcc52fd
SHA256: 7415efca954aac023e556ad38190750c7b20e76ebf8dbf58ca29aada555aa533
SHA512: e9afbba7b73ccedb602c9ec53650ae499ee22cb711988ca22072d93fb800b92928f3655136c0af546ce36c0865879ecad72cb4cc5a26f45d90cd122b1f381bae
SSDEEP: 1536:lMd2hTDXvBlxk5p1gvT1xJswH7SPFm11ZrpIMQTjXEegBoOV:GdiPmsTLJJH7SPFcnhQTjXE/Os
Malware Config
Signatures
Files
7415efca954aac023e556ad38190750c7b20e76ebf8dbf58ca29aada555aa533.dll windows x86
7aafdf53766d8a9b848324ccb722cc29
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetHandleCount
lstrcpyW
MoveFileExW
FindVolumeClose
FileTimeToDosDateTime
FindFirstFileExW
SetStdHandle
EnumResourceNamesW
OpenThread
WaitNamedPipeA
GetTapeParameters
WaitCommEvent
DeleteTimerQueue
AreFileApisANSI
GetConsoleMode
IsDBCSLeadByte
CreateTimerQueue
lstrcmpiW
VerLanguageNameW
CreatePipe
HeapCompact
BackupRead
GetStdHandle
SetConsoleScreenBufferSize
GetFullPathNameW
UnlockFile
WTSGetActiveConsoleSessionId
RegisterWaitForSingleObject
WriteConsoleInputA
GetFileAttributesExA
ReleaseSemaphore
WaitForSingleObject
SetHandleInformation
ClearCommError
GetUserDefaultLangID
SleepEx
GetConsoleCP
BindIoCompletionCallback
EnumResourceLanguagesW
GetStartupInfoA
GetCurrentDirectoryW
GetThreadLocale
SetCurrentDirectoryA
FileTimeToSystemTime
GetStringTypeW
SetWaitableTimer
DeleteFileA
CreateIoCompletionPort
GetEnvironmentStringsW
BackupWrite
QueueUserWorkItem
IsBadWritePtr
FindVolumeMountPointClose
FindResourceExW
GetLogicalDriveStringsA
SetConsoleTitleA
GetCommandLineA
MoveFileW
EnumSystemLocalesA
IsProcessorFeaturePresent
SetComputerNameExW
GetCommMask
FindNextFileA
FreeResource
WaitForMultipleObjectsEx
CreateNamedPipeW
PeekConsoleInputA
EnumUILanguagesW
ExitThread
RtlMoveMemory
FindFirstVolumeW
ResumeThread
TransactNamedPipe
LocalUnlock
GetTempPathW
WriteConsoleA
SetFileTime
GetComputerNameExW
GetThreadTimes
CreateWaitableTimerW
GetVolumeInformationW
CreateEventW
OpenJobObjectW
lstrcmpA
LocalFileTimeToFileTime
ReadConsoleInputA
SetEnvironmentVariableW
GetCurrentDirectoryA
GetQueuedCompletionStatus
GetOverlappedResult
GetCurrentThread
GlobalGetAtomNameA
SetFilePointerEx
ChangeTimerQueueTimer
SetProcessShutdownParameters
GetFileSize
OpenEventA
GetModuleFileNameA
ExitProcess
Sleep
GetTickCount
lstrlenW
lstrlenA
WriteFile
InitializeCriticalSectionAndSpinCount
VirtualQuery
SetLastError
GetProcessHeap
HeapAlloc
CreateFileMappingA
EnterCriticalSection
VirtualProtect
CreateProcessA
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
GetLastError
CreateDirectoryA
GetProcAddress
InterlockedCompareExchange
InterlockedExchange
GetModuleHandleA
CreateEventA
LocalFree
ReadConsoleInputW
HeapFree
oleaut32
SysReAllocStringLen
SysFreeString
SysAllocStringByteLen
advapi32
RegEnumValueA
MakeAbsoluteSD
OpenEventLogW
ImpersonateAnonymousToken
GetServiceDisplayNameW
CredWriteDomainCredentialsW
GetTokenInformation
QueryServiceConfigW
QueryServiceLockStatusA
SaferSetLevelInformation
QueryServiceStatus
RegQueryValueExW
BuildTrusteeWithNameW
RegUnLoadKeyA
RegSetValueW
RegConnectRegistryW
GetUserNameA
SetTokenInformation
RegCloseKey
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
OpenThreadToken
RegisterEventSourceW
StartServiceCtrlDispatcherA
CloseEventLog
GetAclInformation
Exports
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ