Static task
static1
Behavioral task
behavioral1
Sample
2abc45ea3026740c56a80d86a6690a4de979c81c3090e0d7c44b5cf229e83c39.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2abc45ea3026740c56a80d86a6690a4de979c81c3090e0d7c44b5cf229e83c39.exe
Resource
win10v2004-20220812-en
General
Target
2abc45ea3026740c56a80d86a6690a4de979c81c3090e0d7c44b5cf229e83c39
Size
3.7MB
MD5
8008e6fde3bfff10330ea7a161e96c9c
SHA1
602df3e790c60402f1bbeba141dfcfcba4d91696
SHA256
2abc45ea3026740c56a80d86a6690a4de979c81c3090e0d7c44b5cf229e83c39
SHA512
faefd5f05f93019f4f1d4e4014f70e20a2914aef3d4137d45ed2d5a7b6f918a6c9a9c845ab70eea0c33e35553e98216aa3f424d313c2bbafc71a899816b83046
SSDEEP
98304:cqhgl5DB3RACNwJ634YBhniaVZENPTF2jD:heFU0DIRFm
Malware Config
Signatures
Files
2abc45ea3026740c56a80d86a6690a4de979c81c3090e0d7c44b5cf229e83c39.exe windows x86
a371a79c593600ba7139839128c42668
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
waveOutPrepareHeader
waveOutWrite
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutGetDevCapsA
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
kernel32
FindFirstFileA
CloseHandle
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
GetSystemInfo
WinExec
WriteFile
DeleteFileA
OpenProcess
GlobalUnlock
GlobalLock
GlobalAlloc
SetEvent
CreateEventA
InitializeCriticalSection
Sleep
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
SetThreadPriority
GetThreadPriority
CreateThread
SetFilePointer
ReadFile
SystemTimeToFileTime
lstrcatA
lstrlenA
lstrcpyA
LocalFileTimeToFileTime
CreateDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
SetFileTime
GetStringTypeW
GetStringTypeA
FindClose
LCMapStringA
GetLocaleInfoA
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
MultiByteToWideChar
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleW
HeapCreate
HeapReAlloc
GetLastError
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetEndOfFile
GetProcessHeap
LCMapStringW
VirtualAlloc
VirtualFree
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
GetProcAddress
user32
DestroyWindow
ReleaseDC
GetDC
wsprintfA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
LoadStringA
PostQuitMessage
BeginPaint
EndPaint
GetKeyState
DialogBoxParamA
SetCapture
ReleaseCapture
LoadMenuA
GetSubMenu
DeleteMenu
ClientToScreen
TrackPopupMenu
DestroyMenu
DefWindowProcA
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
SetCursor
SetMenu
GetMenu
EnableMenuItem
CheckMenuItem
KillTimer
SetTimer
SetWindowPos
InvalidateRect
GetClientRect
LoadCursorA
EndDialog
GetDlgItem
SetWindowTextA
CreateWindowExA
UpdateWindow
ShowWindow
gdi32
GdiFlush
GetSystemPaletteEntries
SelectPalette
RealizePalette
DeleteObject
CreatePalette
GetDeviceCaps
comdlg32
CommDlgExtendedError
GetOpenFileNameA
shell32
ShellExecuteA
wininet
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
psapi
EnumProcesses
EnumProcessModules
GetModuleFileNameExA
Sections
.text Size: 261KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 146KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ