Static task
static1
Behavioral task
behavioral1
Sample
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c.exe
Resource
win10v2004-20220812-en
General
-
Target
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c
-
Size
111KB
-
MD5
7455896ab4e655eb628435c618364d80
-
SHA1
0c96a78371ee2d802e83ac5b3b6fbb2688342a83
-
SHA256
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c
-
SHA512
7f27af86462dd27cbb000f7af1dc8e5321fe02cebcfdad58d9afa4a4c26bb329d771dd56881fb3a14e0b387aee300d446b6c40f0dba793dabb589ecf00c8a73f
-
SSDEEP
3072:p+5pa0iMc1a8IBD/pgpFTJ8ZKLpm8n3Sva:4iMUKgu81m8Ga
Malware Config
Signatures
Files
-
5ebbfdc2bb1938686543842de65fc5c0eacb5032809d616b836e923a9745cc2c.exe windows x86
56dbc092c5f219f5b02a0bb0a0c78408
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetStartupInfoA
GetDriveTypeW
VirtualProtect
WriteConsoleW
lstrlenW
HeapDestroy
VirtualQueryEx
GetFileAttributesW
CopyFileA
SetEvent
lstrcpyA
GetProcessHeap
WriteConsoleW
GetPrivateProfileSectionW
Sleep
CancelIo
WriteConsoleW
GetCommandLineA
GetModuleHandleA
DeleteFileA
GetStdHandle
mmcndmgr
DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllRegisterServer
cryptui
WizardFree
CryptUIWizImport
LocalEnroll
DllRegisterServer
CryptUIWizExport
CryptUIDlgViewContext
CryptUIWizBuildCTL
LocalEnrollNoDS
WizardFree
CryptUIStartCertMgr
DllUnregisterServer
LocalEnroll
CryptUIWizDigitalSign
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 257B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.impexp Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ