EntryPoint
ServiceMain
Static task: static1

Behavioral task: behavioral1
Sample: 820d7862da8b777fdcf8332a9dfb12a39e0701fc2a1b01c19e4ee26d36df5204.dll
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 820d7862da8b777fdcf8332a9dfb12a39e0701fc2a1b01c19e4ee26d36df5204.dll
Resource: win10v2004-20220812-en

Target: 820d7862da8b777fdcf8332a9dfb12a39e0701fc2a1b01c19e4ee26d36df5204
Size: 303KB
MD5: 96809f603bace5bb35738d5a282b3620
SHA1: 9a6215cef717494a58201cb3dd6c177be4a815ec
SHA256: 820d7862da8b777fdcf8332a9dfb12a39e0701fc2a1b01c19e4ee26d36df5204
SHA512: b792ed8689a0906d9bc4dd0a2e7accfdab8e5353b48bf311f2bd3508288caf7ef0cbf8f7bca748e2cd9ca735e5c2e144550c4575c9e69e22f4b2302ad2c535d9
SSDEEP: 6144:OWILFO3JWpz9MSJKu8A8estXg1XTBquahnz:kEJWpz9jKuv8TtQ1XTsus
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
InternetConnectA
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
HttpQueryInfoA
InternetCloseHandle
SymGetLineFromAddr64
SymFunctionTableAccess64
SymGetModuleBase64
SymGetOptions
SymCleanup
SymInitialize
StackWalk64
SymFromAddr
SymSetOptions
LCMapStringW
WriteConsoleW
SetStdHandle
LoadLibraryW
InterlockedExchange
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileSize
WaitForSingleObject
ReadFile
GetModuleFileNameW
CreateFileW
CloseHandle
VirtualFree
FormatMessageA
GetSystemDirectoryW
GetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
ExitProcess
CreateFileA
GetUserDefaultLCID
lstrlenA
MoveFileExA
FreeLibrary
SetEvent
WriteFile
CreateEventA
GetLocalTime
DeleteFileA
GetCurrentProcess
GetCurrentThread
SetLastError
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
SetFileTime
GetFileAttributesA
GetSystemDirectoryA
CreateDirectoryA
FindFirstFileA
FindClose
FindNextFileA
GetFileTime
GetTickCount
GetWindowsDirectoryW
GetVolumeInformationW
GetTimeZoneInformation
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InitializeCriticalSection
CompareStringW
SetEnvironmentVariableA
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
HeapFree
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
HeapSize
RtlUnwind
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
wsprintfA
RegCloseKey
SetServiceStatus
RegOpenKeyExA
RegisterServiceCtrlHandlerA
RegEnumValueW
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
SHGetFolderPathA
StrStrIW
EntryPoint
ServiceMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ