Static task: static1
Behavioral task: behavioral1
  Sample: d6f5175f900fa6fee3ffbfae2fd9116181615184e7608e14644756103353c16d.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: d6f5175f900fa6fee3ffbfae2fd9116181615184e7608e14644756103353c16d.exe
  Resource: win10v2004-20220812-en
General
Target: d6f5175f900fa6fee3ffbfae2fd9116181615184e7608e14644756103353c16d
Size: 6.6MB
MD5: 97233197d15548f9141a2c6fda65b152
SHA1: abbb71ea79914ee0e0b5b99d05d20f92267b46ba
SHA256: d6f5175f900fa6fee3ffbfae2fd9116181615184e7608e14644756103353c16d
SHA512: def64bb481f175d3a88bca0118657bb5bff7781a453f8c796e32d6ac9c70d47efeecc9343dedc1bf14f8cb33102ca6e3089a1a11b030e6567cfa2e4621c963db
SSDEEP: 196608:hAxSK67FzIrHVMb6DsriJDKOCJqqAHpmROfVTTZ:hAxm7+Ts3xJqqgmk9F
Malware Config
Signatures
Files
d6f5175f900fa6fee3ffbfae2fd9116181615184e7608e14644756103353c16d.exe windows x86
bdd0254ab194525452540e90e77d4fa2
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_32BIT_MACHINE
Imports
version:
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
kernel32:
GetLongPathNameW
CloseHandle
GetModuleFileNameW
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
CreateFileW
GetFileAttributesW
GetCurrentProcess
SetLastError
GetNativeSystemInfo
GetVersionExW
IsWow64Process
GetACP
GetSystemDefaultLCID
ExpandEnvironmentStringsW
MultiByteToWideChar
CompareStringW
FoldStringW
FreeResource
LockResource
OpenProcess
GetCurrentProcessId
TerminateProcess
GetExitCodeProcess
SetUnhandledExceptionFilter
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
ExitThread
TerminateThread
ReadProcessMemory
ResumeThread
WaitForDebugEvent
ContinueDebugEvent
DebugActiveProcess
SetEvent
ReleaseSemaphore
WaitForSingleObject
WaitForMultipleObjects
Sleep
LoadResource
SizeofResource
GetFileInformationByHandle
GetModuleHandleW
WriteFile
ReadFile
FlushFileBuffers
DeviceIoControl
SetEndOfFile
SetFilePointer
FindClose
GetFileTime
DuplicateHandle
GetTickCount
CreatePipe
CreateEventW
CreateSemaphoreW
CreateProcessW
FindResourceW
GetDiskFreeSpaceW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesExW
DeleteFileW
WideCharToMultiByte
OutputDebugStringW
GetCommandLineW
GetModuleFileNameA
WriteConsoleW
GetProcessWorkingSetSize
SetProcessWorkingSetSize
WriteFileGather
VirtualLock
VirtualUnlock
GetConsoleCP
HeapReAlloc
HeapSize
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
LoadLibraryExW
GetProcAddress
InitializeCriticalSectionAndSpinCount
FreeLibrary
RaiseException
DecodePointer
HeapAlloc
HeapDestroy
HeapCreate
FormatMessageW
GetLastError
LocalFree
ConvertDefaultLocale
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
FileTimeToSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
GetLocalTime
GetSystemTimeAsFileTime
GetSystemTime
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
GetConsoleMode
SetFilePointerEx
GetFileSize
GetModuleHandleExW
FindNextFileA
FindFirstFileExA
SetStdHandle
LCMapStringW
GetStringTypeW
HeapFree
GetStdHandle
ExitProcess
FreeLibraryAndExitThread
CreateThread
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RtlUnwind
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
UnhandledExceptionFilter
IsProcessorFeaturePresent
user32:
GetFocus
SetFocus
CharUpperW
GetWindowTextW
MessageBoxW
IsCharAlphaW
GetForegroundWindow
GetActiveWindow
CharLowerW
MessageBeep
gdi32:
DeleteObject
GdiFlush
advapi32:
ConvertSidToStringSidW
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ole32:
CoTaskMemFree
CoCreateGuid
CoInitialize
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
OleInitialize
OleUninitialize
CoCreateInstance
StringFromGUID2
oleaut32:
SysFreeString
SysAllocString
rpcrt4:
UuidCreateSequential
Sections
.text - Size: 244KB - Virtual size: 244KB
  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 111KB - Virtual size: 110KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 13KB - Virtual size: 543KB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 6.2MB - Virtual size: 6.2MB
  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ