Static task: static1
Behavioral task: behavioral1
Sample: 1eff6dba75fd5f88ede12b4d4a685ff6513b3c2981df38370ac17af9eb351407.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1eff6dba75fd5f88ede12b4d4a685ff6513b3c2981df38370ac17af9eb351407.exe
Resource: win10v2004-20220812-en
General
Target: 1eff6dba75fd5f88ede12b4d4a685ff6513b3c2981df38370ac17af9eb351407
Size: 101KB
MD5: 4bba2acccc48923ef0355d8cb69c17f1
SHA1: 5ba9240a21334906f08e12c09f226a10f9dd4344
SHA256: 1eff6dba75fd5f88ede12b4d4a685ff6513b3c2981df38370ac17af9eb351407
SHA512: a4efc74add561f6e6055a3403ba0fb9ba593f18c06e1eb47ab28312a3b5e84eb3d457233daea3ca573088fc525227b4683d58af24030987d55575bf032fa808d
SSDEEP: 1536:fPhAHa3MNB8CkCI33siXeNhoN7Dk02wvRFEZ7LJmSTJIIWa1FZyNqZ:fPh3cNy/V3zkho5402wv3Ebp
Malware Config
Signatures
Files
1eff6dba75fd5f88ede12b4d4a685ff6513b3c2981df38370ac17af9eb351407.exe windows x86
ec170b69f6bd636af1206cfd3d932d28
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetProcessHeap
GetVersionExW
WideCharToMultiByte
IsDBCSLeadByte
SetFileAttributesW
GetThreadLocale
OutputDebugStringA
FreeEnvironmentStringsA
GetTempFileNameA
IsDebuggerPresent
GetFileTime
FlushFileBuffers
GetACP
IsBadReadPtr
FileTimeToLocalFileTime
SystemTimeToFileTime
MultiByteToWideChar
GetStringTypeExA
GetModuleHandleW
LocalFileTimeToFileTime
GetTempPathA
GetExitCodeProcess
UnhandledExceptionFilter
LoadResource
lstrcpyA
GetModuleFileNameW
GetConsoleOutputCP
InterlockedExchange
GetConsoleMode
GlobalLock
lstrcmpA
SetCurrentDirectoryA
DeleteFileA
GetVersion
GetEnvironmentVariableA
GetStartupInfoW
GetShortPathNameA
SetLastError
GlobalReAlloc
RemoveDirectoryA
CompareStringW
GetModuleHandleA
CopyFileA
MulDiv
CompareStringA
IsBadWritePtr
GetStartupInfoA
CopyFileW
VirtualProtect
GetStdHandle
GetUserDefaultLangID
ExpandEnvironmentStringsA
GetCPInfo
SetHandleCount
msvcrt
_controlfp
__setusermatherr
__getmainargs
__p___initenv
_initterm
__p__commode
_XcptFilter
_except_handler3
__set_app_type
__p__fmode
_adjust_fdiv
_exit
advapi32
AdjustTokenPrivileges
GetSecurityDescriptorDacl
RegSetValueExW
LookupPrivilegeValueW
FreeSid
RegQueryValueA
RegEnumKeyExW
GetTokenInformation
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyA
OpenSCManagerW
RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
OpenServiceA
OpenServiceW
RegEnumKeyA
RegDeleteValueA
CheckTokenMembership
AddAccessAllowedAce
CryptHashData
RegDeleteValueW
SetSecurityDescriptorGroup
IsValidSid
CryptCreateHash
CryptAcquireContextA
OpenProcessToken
LookupPrivilegeValueA
RegFlushKey
InitializeSecurityDescriptor
CryptReleaseContext
InitiateSystemShutdownA
DeregisterEventSource
user32
EndDialog
GetClassInfoA
DialogBoxParamA
MapWindowPoints
SetScrollInfo
GetKeyState
SetPropA
KillTimer
SetScrollPos
SetWindowTextA
GetWindowPlacement
ClientToScreen
UnhookWindowsHookEx
IsRectEmpty
DestroyMenu
GetScrollInfo
PostQuitMessage
GetSysColor
DefWindowProcA
wsprintfA
GetMenuItemID
GetMessagePos
GetActiveWindow
DrawEdge
ShowOwnedPopups
DrawFrameControl
GetSystemMetrics
WaitMessage
EmptyClipboard
IsIconic
GetWindowRect
SetScrollRange
LoadIconA
DestroyIcon
EnumWindows
GetCursorPos
IsWindowVisible
GetWindow
SetWindowLongA
RegisterClipboardFormatA
WindowFromPoint
Sections
.text Size: 1024B - Virtual size: 796B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ