Static task
static1
Behavioral task
behavioral1
Sample
3d2dddd3a503fd304c731b10a67a0823c89f8307a7281acf6c2c2fc7aaf57f7e.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3d2dddd3a503fd304c731b10a67a0823c89f8307a7281acf6c2c2fc7aaf57f7e.exe
Resource
win10v2004-20220812-en
General
Target
3d2dddd3a503fd304c731b10a67a0823c89f8307a7281acf6c2c2fc7aaf57f7e
Size
361KB
MD5
a150e1111aeab8451a9624cef49f4e3d
SHA1
ddf8fbdd5df16fa3ca1b621074586b6c50784055
SHA256
3d2dddd3a503fd304c731b10a67a0823c89f8307a7281acf6c2c2fc7aaf57f7e
SHA512
fbbe2badd9062e61ff1cb8424d1ff34efa226ab5a730f79f37325ffe410cea2063739669b1374bd3a6d634c67a713758061b47dd3402824102b73f768d8ec41d
SSDEEP
3072:RL0ZcztoSikw4fOj46KMEu1zHwCIsbORbpmTrzBy+7CcshA+5VKcr5ShRJfQfH1q:9mSikQUu5QnjRbpRc21m5fwDVMC5Pc2Y
Malware Config
Signatures
Files
3d2dddd3a503fd304c731b10a67a0823c89f8307a7281acf6c2c2fc7aaf57f7e.exe windows x86
797591258cfb5176d18151c7c454b2e7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
Imports
kernel32
GetModuleFileNameA
GetLastError
SetLastError
HeapReAlloc
LoadLibraryW
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
Sleep
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
lstrcpynA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
WriteFile
GetProcAddress
GetCurrentThreadId
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
LoadLibraryExA
lstrcmpiA
lstrcpyA
FindResourceA
LoadResource
LockResource
FreeResource
SizeofResource
GetUserDefaultLangID
FindResourceExW
lstrcpyW
GetCurrentDirectoryW
lstrcatW
HeapCreate
GetProcessHeap
HeapAlloc
SetErrorMode
GetVolumeInformationA
GetOEMCP
GetACP
LoadLibraryA
FreeLibrary
GetVersion
ExitProcess
CreateFileA
ReadFile
InterlockedDecrement
InterlockedIncrement
GetCPInfo
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
SetHandleCount
GetStartupInfoW
HeapSetInformation
GetCommandLineA
WideCharToMultiByte
HeapFree
RaiseException
user32
TranslateMessage
DispatchMessageA
GetMessageA
UnregisterClassA
ShowWindow
CreateWindowExA
RegisterClassExA
GetSysColorBrush
LoadCursorA
DefWindowProcA
InvalidateRect
GetDC
SetWindowLongA
UpdateWindow
DestroyWindow
DialogBoxParamA
GetLastInputInfo
GetDlgItem
SendMessageA
GetWindowDC
ReleaseDC
PostThreadMessageA
LookupIconIdFromDirectory
CreateIconFromResource
GetClientRect
BeginPaint
DrawTextA
EndPaint
LoadIconA
EndDialog
SetDlgItemTextW
SendDlgItemMessageA
BeginDeferWindowPos
EndDeferWindowPos
EnableWindow
PostMessageA
GetSysColor
LoadStringA
gdi32
CreateFontA
CreateRectRgn
CreatePen
SelectObject
Pie
DeleteObject
SaveDC
MoveToEx
LineTo
RestoreDC
SetTextColor
GetStockObject
GetObjectA
CreateFontIndirectA
Polyline
CreateDCA
EnumFontsA
winspool.drv
EnumPrintersA
comdlg32
GetOpenFileNameA
advapi32
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
ole32
CoInitializeEx
CoTaskMemFree
CoGetInterfaceAndReleaseStream
MkParseDisplayName
CreateBindCtx
CoInitialize
CoUninitialize
StringFromCLSID
iphlpapi
GetAdaptersInfo
shlwapi
StrToIntExA
PathFindFileNameA
StrRChrA
pdh
PdhCollectQueryData
PdhOpenQueryA
PdhAddCounterW
msi
ord40
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flash Size: 166KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ