Static task
static1
Behavioral task
behavioral1
Sample
39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08.exe
Resource
win10v2004-20220812-en
General
Target: 39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
Size: 165KB
MD5: 96ae0b86ca6002d971e1085227ea1890
SHA1: 55e30f973af9fc3dce47279b5b0fe838b2a87f6d
SHA256: 39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08
SHA512: f1bead994b4a78fe2366b1c2b0bf05307ffd7c7c65aed12a0d65130dce309c8a98035f3a75fe5155b9622ae10871748e7ad771374770a0da4ec899351b33d69f
SSDEEP: 3072:6NnavGyaM/t4Fw4NV/Uss9Q6OEJLbFqtVrhbZiGD75ViBuWLjurVgFh8O:wnauytVOvwQ6hJLItVvzfPiBVXOWhh
Malware Config
Signatures
Files
-
39be8a31079da57d0c65bd30375f4de3bff9380141a99d91e9a2bb6f19df0c08.exe windows x86
e6565dc9772305643a1151bfd76e7844
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
htons
kernel32
GetCommandLineA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
DispatchMessageA
dnsapi
DnsFlushResolverCache
shlwapi
PathFileExistsA
shell32
SHGetSpecialFolderPathA
mpr
WNetGetUserA
wininet
InternetConnectA
msvcrt
rand
advapi32
RegOpenKeyA
ole32
CoUninitialize
oleaut32
SafeArrayDestroy
Exports
Sections
.text Size: - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
0 Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
1 Size: - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
2 Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ