Static task
static1
Behavioral task
behavioral1
Sample
48c09993947375de1ab7af886599b72898dfcab208c5f0e83d9e28067483a8fc.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
48c09993947375de1ab7af886599b72898dfcab208c5f0e83d9e28067483a8fc.exe
Resource
win10v2004-20220901-en
General
Target: 48c09993947375de1ab7af886599b72898dfcab208c5f0e83d9e28067483a8fc
Size: 74KB
MD5: a100a573b497d98c5e8a602b593f3f84
SHA1: 004dc3fef5e2a397b7c2927ddf6790334c8982a4
SHA256: 48c09993947375de1ab7af886599b72898dfcab208c5f0e83d9e28067483a8fc
SHA512: 7a45e18f939d8819a771ffaed7389e01650c03ae4e58a235801183fc0c408e974e403609496d11e14d608630607956064eba23472439b18ab0a4c9d1e6afc921
SSDEEP: 1536:JIxGdAF6UGmOeJnrma8pYnAMuCtrjg2mVLk6HdEV:2AAF6UtFopYnAMuYoV5uV
Malware Config
Signatures
Files
-
48c09993947375de1ab7af886599b72898dfcab208c5f0e83d9e28067483a8fc.exe windows x86
bcaee2906238404a480e379a2470a850
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
GetConsoleWindow
GetCurrentProcessId
SetUnhandledExceptionFilter
VirtualProtect
VirtualQuery
msvcrt
_strdup
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
calloc
exit
free
fwrite
malloc
memcpy
memmove
memset
printf
signal
sprintf
strcat
strchr
strcpy
strlen
strncpy
strstr
vfprintf
user32
GetWindowThreadProcessId
ShowWindow
libbgdrtm
appexename
appexename
appexename
appexename
appexename
appexename
appexename
appexename
appexename
appexefullpath
appexefullpath
appexefullpath
appexefullpath
appexefullpath
appexefullpath
appexefullpath
appexepath
appexepath
appexepath
appname
appname
appname
appname
appname
debug
debug
dcb
mainproc
appexefullpath
appexename
appexepath
appname
bgdrtm_entry
bgdrtm_exit
dcb
dcb_load
dcb_load_from
debug
file_addp
file_exists
file_open
file_read
file_seek
getfullpath
init_c_type
instance_go_all
instance_new
mainproc
string_init
strncmpi
sysproc_init
whereis
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 228B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 62KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE