Static task: static1
Behavioral task: behavioral1
Sample: 3f06ce0c0520cf876bfbd8ca871568418e2231150c3dc13faefd85c5aadbd8a9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3f06ce0c0520cf876bfbd8ca871568418e2231150c3dc13faefd85c5aadbd8a9.exe
Resource: win10v2004-20220812-en
General
Target: 3f06ce0c0520cf876bfbd8ca871568418e2231150c3dc13faefd85c5aadbd8a9
Size: 197KB
MD5: 81658e47890e9f230b76bbc16e546310
SHA1: eeacf926456fcba831d0662fd5d2bea5c0490fc9
SHA256: 3f06ce0c0520cf876bfbd8ca871568418e2231150c3dc13faefd85c5aadbd8a9
SHA512: 0918444a90835846d100e20268e54d2b34d8932c2b18c2908b5e4d145589f17f9ba590e4c5451d7c7469f7fa81ba54ce10abbceddd68024ed89807e627307c52
SSDEEP: 3072:XoLuWlLDjieufDNAz60DRFhDpvQ6u7+K2FWW0cjleCIMqnBQhWr/x:XoLuWlVuLNEF9pbYtDW0cjlcMqn7
Malware Config
Signatures
Files
-
3f06ce0c0520cf876bfbd8ca871568418e2231150c3dc13faefd85c5aadbd8a9.exe windows x86
0bd8e376944fd3a4d27c1b031c5aeae2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
realloc
strncat
exit
wcscpy
_errno
strncmp
printf
time
srand
atoi
rand
strncpy
strcat
strrchr
_except_handler3
free
strcmp
strcpy
malloc
strchr
memcmp
strstr
strlen
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z
_strcmpi
_strnicmp
_strrev
memset
msvcp60
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
mfc42
ord2764
ord4129
ord6648
ord537
ord926
ord924
ord922
ord535
ord858
ord6663
ord860
ord4278
ord939
ord6877
ord540
ord2818
ord800
kernel32
FindNextFileA
GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
GetTempPathA
CopyFileA
CreateMutexA
ExitProcess
SetErrorMode
OpenEventA
ReleaseMutex
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetSystemInfo
GlobalMemoryStatus
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProcessHeap
HeapAlloc
HeapFree
GetModuleFileNameA
OutputDebugStringA
InterlockedExchange
MultiByteToWideChar
GetTickCount
ExitThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
GetVersionExA
WinExec
SetLastError
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
FindFirstFileA
LocalReAlloc
RaiseException
LocalFree
FindClose
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
GetPrivateProfileStringA
lstrcmpA
WideCharToMultiByte
FreeLibrary
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileSectionNamesA
GetProcAddress
LoadLibraryA
CloseHandle
TerminateThread
SetEvent
ResumeThread
CreateThread
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
lstrcpyA
Sleep
lstrlenA
user32
CharNextA
MessageBoxA
ExitWindowsEx
LoadCursorA
DestroyCursor
BlockInput
SendMessageA
SystemParametersInfoA
MapVirtualKeyA
SetCapture
WindowFromPoint
SetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
GetCursorInfo
SetProcessWindowStation
OpenWindowStationA
GetProcessWindowStation
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
EnumWindows
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
PostMessageA
CreateWindowExA
CloseWindow
IsWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
Sections
.text Size: 134KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ