Static task: static1
Behavioral task: behavioral1
Sample: 83f6e8e9d62cd5802d19d09d438f2d44564e5ac3896ec3d88ca9f8a303424950.exe
Resource: win7-20220812-en
General
Target: 83f6e8e9d62cd5802d19d09d438f2d44564e5ac3896ec3d88ca9f8a303424950
Size: 253KB
MD5: 818823fb7049a9e922bbd1db2999f0b3
SHA1: 84bd4b234b0ea1b80e1e8208dd7727e6a9aea782
SHA256: 83f6e8e9d62cd5802d19d09d438f2d44564e5ac3896ec3d88ca9f8a303424950
SHA512: f1ce735a26ed55c175d17e1244a3990910835545d5dcfb351fd284d56a060c315665af2245f990b8d4457501f2febf906da8f891425bfff70f57ea8d96082f93
SSDEEP: 6144:D8W1PCZuujZBcDeDR0Lti2QPhaL3QY6lUoUr:YCCZuujZB0eDR0cC3VwxU
Malware Config
Signatures
Files
83f6e8e9d62cd5802d19d09d438f2d44564e5ac3896ec3d88ca9f8a303424950.exe windows x86
5fed64cbbe7d12648599a62a0e69f0ac
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetProcAddress
GetModuleHandleW
lstrcmpiW
GetModuleFileNameW
Sleep
CreateThread
CreateEventW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
SetEvent
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
LocalFree
FormatMessageW
FindResourceExW
WaitForSingleObjectEx
SwitchToThread
DuplicateHandle
GetCurrentProcess
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
ResetEvent
GetCurrentThread
CompareStringW
CompareStringA
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
CreateFileW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WaitForSingleObject
CopyFileW
CloseHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
SetEnvironmentVariableA
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
ReadFile
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteFileW
GetSystemTimeAsFileTime
ExitThread
GetStartupInfoW
VirtualFree
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
user32
DispatchMessageW
GetMessageW
PostThreadMessageW
CharNextW
CharUpperW
PeekMessageW
MessageBoxW
wsprintfW
TranslateMessage
advapi32
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
shell32
ord165
SHGetFolderPathW
ole32
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoCreateInstance
oleaut32
LoadRegTypeLi
SysStringLen
SysFreeString
GetErrorInfo
DispCallFunc
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
VarBstrCmp
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
shlwapi
PathFileExistsW
PathRemoveFileSpecW
Sections
.text Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE