Static task: static1
Behavioral task: behavioral1
Sample: 9324c443f90175d9eb7f8c706ef003c3c4d8b0c16ba7df327866090ecf5edbb9.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 9324c443f90175d9eb7f8c706ef003c3c4d8b0c16ba7df327866090ecf5edbb9.exe
Resource: win10v2004-20220812-en
General
Target: 9324c443f90175d9eb7f8c706ef003c3c4d8b0c16ba7df327866090ecf5edbb9
Size: 387KB
MD5: 608e8de6af49a1eea752a0f22767b934
SHA1: 7fa2be8ca01c4cb7dce9e61d87418247e7a54a98
SHA256: 9324c443f90175d9eb7f8c706ef003c3c4d8b0c16ba7df327866090ecf5edbb9
SHA512: 4829baa438c1431177066921f4eee2b9f7ad55e616c53648f1ab042867ad12d797a104fbdf19587211c06c4d32dee940c314b80336b948f0bcbb568615264296
SSDEEP: 6144:nfrXululululululuAuOjzzUDjTgfH1okjroGWr2:nfrXKKKKKK1zjzQJ5
Malware Config
Signatures
Files
9324c443f90175d9eb7f8c706ef003c3c4d8b0c16ba7df327866090ecf5edbb9.exe windows x86
18abb5be0656fc9c83c0510ea3c2bf89
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumKeyW
OpenEventLogW
ClearEventLogA
LogonUserW
InitializeAcl
CryptSignHashW
RegOpenKeyA
ControlService
RegReplaceKeyA
RegSaveKeyA
RegCreateKeyExA
RegUnLoadKeyA
untfs
Chkdsk
FormatEx
shlwapi
UrlIsNoHistoryW
PathIsRootW
UrlGetLocationW
UrlCombineW
PathCommonPrefixA
UrlIsOpaqueW
PathCompactPathW
PathAppendA
PathCombineA
UrlCompareW
PathIsURLW
UrlIsA
UrlHashW
UrlGetPartW
wtsapi32
WTSFreeMemory
WTSSetSessionInformationW
WTSVirtualChannelRead
WTSWaitSystemEvent
WTSRegisterSessionNotification
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSEnumerateServersA
kernel32
WaitForSingleObject
CreateJobObjectW
GetProcAddress
GetStringTypeW
OpenJobObjectW
InitializeCriticalSection
GetCommandLineW
MoveFileA
GetModuleHandleA
GetTempPathA
ReadConsoleA
GetProfileSectionW
GetSystemDirectoryA
CreateMailslotA
CreateFileW
GetLogicalDriveStringsA
GetModuleFileNameW
UnmapViewOfFile
GetDateFormatA
GetVersion
LoadLibraryExA
GetExpandedNameA
lstrcmpiA
DeleteFileW
SearchPathW
GetTickCount
GetFileAttributesW
MoveFileExW
GetConsoleAliasA
Sections
.text Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 293KB - Virtual size: 293KB
IMAGE_SCN_MEM_READ