Static task: static1
Behavioral task: behavioral1
  Sample: 0157bc4a9e74bd7106e3af062f6c3cf66d9b67bca9fb3c7d3b5dc404f2aa38e1.dll
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 0157bc4a9e74bd7106e3af062f6c3cf66d9b67bca9fb3c7d3b5dc404f2aa38e1.dll
  Resource: win10v2004-20220901-en
General
Target: 0157bc4a9e74bd7106e3af062f6c3cf66d9b67bca9fb3c7d3b5dc404f2aa38e1
Size: 270KB
MD5: 0bd0a76aa30e091bffd905e24f6d5d8d
SHA1: 47b7dec8a297c1080e1e180ed921345ad846b75d
SHA256: 0157bc4a9e74bd7106e3af062f6c3cf66d9b67bca9fb3c7d3b5dc404f2aa38e1
SHA512: 358ff42617ffd11c10a947df8a44cd909f04013eecb688839e74d7f7df5dd4f6ac91503c01d3f22c794e41c7fc7fdb7eefbbde160adc366248a0644cacf4398a
SSDEEP: 6144:7MaLH7M8Vfmv9y7ZaZIjPUTLwn0x2SKpowU9:7vbnfm1y1a2U00xrK
Malware Config
Signatures
Files
0157bc4a9e74bd7106e3af062f6c3cf66d9b67bca9fb3c7d3b5dc404f2aa38e1.dll windows x86
3895b15ce61802e58579b4ebb609e426
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
gdi32: LineTo, Rectangle, CreatePen, MaskBlt, GetObjectW, CreateCompatibleDC, PatBlt, GetTextExtentPoint32W, ExtTextOutW, SetBkMode, SetTextColor, GetBkColor, DPtoLP, GetNearestColor, CreateDCW, GetDIBits, MoveToEx, SelectPalette, CreateCompatibleBitmap, CreateSolidBrush, GetStockObject, CreateFontW, SelectObject, GetCharWidthW, GetTextMetricsW, CreateFontIndirectW, DeleteDC, CreatePalette, GetPaletteEntries, CreateDIBSection, GetDeviceCaps, DeleteObject, RealizePalette
kernel32: UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, HeapFree, GetProcessHeap, GlobalUnlock, HeapAlloc, GlobalLock, GetTempFileNameW, GetTempPathW, GetFileAttributesW, WideCharToMultiByte, GetACP, SetCurrentDirectoryW, MoveFileExW, MulDiv, GlobalFree, MultiByteToWideChar, FreeLibrary, lstrlenA, GetCurrentThreadId, SetThreadLocale, GetVersionExW, GetLocaleInfoW, GetSystemTime, CreateProcessW, GetFullPathNameW, GetModuleFileNameW, GetCommandLineW, CopyFileW, CreateFileW, LCMapStringW, GlobalReAlloc, GlobalAlloc, GetDriveTypeW, SizeofResource, LockResource, LoadResource, FindResourceW, lstrcmpW, SystemTimeToFileTime, GetSystemTimeAsFileTime, GetSystemDirectoryW, GetTimeFormatW, GetDateFormatW, CloseHandle, GetCurrentDirectoryW, CompareStringW, LocalAlloc, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetStartupInfoW, InterlockedCompareExchange, GetTempPathA, GetTempFileNameA, FormatMessageW, GetCurrentProcessId, QueryPerformanceCounter, VirtualProtect, FormatMessageA, GetThreadLocale, InterlockedExchange, GetUserDefaultLCID, GetLocaleInfoA, GetCurrentThread, GetFileInformationByHandle, FlushFileBuffers, UnlockFile, LockFile, GetVersionExA, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, SetFilePointer, ReadFile, WriteFile, LoadLibraryA, LocalFree, WaitForSingleObject, ResetEvent, SetEvent, Sleep, GetFileAttributesExW, GetSystemPowerStatus, lstrcmpiW, lstrlenW, CreateDirectoryW, DeleteFileW, RaiseException, LoadLibraryW, GetModuleHandleW, GetProcAddress, SetLastError, GetLastError, GetTickCount, GetStringTypeExW, CreateProcessA
advapi32: OpenThreadToken, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegDeleteKeyW, RegCreateKeyExW, RegQueryValueExW, RegSetValueExW, RegOpenKeyExW, RegDeleteValueW, RegEnumKeyW
shlwapi: PathFindFileNameW, StrChrW, PathRemoveExtensionW, PathFindSuffixArrayW, StrStrIW, PathRemoveFileSpecW, PathFindExtensionW
comctl32: ord17
shell32: SHBrowseForFolderW, SHChangeNotify, ShellExecuteExW, ShellExecuteW, SHGetSpecialFolderLocation, SHGetMalloc, SHGetDesktopFolder, SHGetPathFromIDListW, SHGetFolderPathW, SHIsFileAvailableOffline, SHGetDiskFreeSpaceExW, CommandLineToArgvW, SHAddToRecentDocs, DragQueryFileW, SHAppBarMessage
ole32: OleInitialize, StringFromGUID2, OleUninitialize, StgOpenStorageEx, CoInitialize, CoUninitialize, StgCreateStorageEx, ReleaseStgMedium, CreateStreamOnHGlobal, PropVariantClear, CoCreateInstance, CoGetMalloc
oleaut32: SysAllocStringLen, VariantTimeToSystemTime, VariantChangeType, SysStringLen, SafeArrayCreate, SafeArrayAccessData, SafeArrayUnaccessData, SafeArrayDestroy, VariantInit, VariantClear, SysAllocString, SysFreeString, VarFormatNumber
msimg32: AlphaBlend
comdlg32: CommDlgExtendedError, GetFileTitleW
winspool.drv: ClosePrinter, OpenPrinterW, DocumentPropertiesW, EnumPrintersW, ord203, AdvancedDocumentPropertiesW
urlmon: HlinkNavigateString
msi: ord39
Sections
.text  Size: 224KB - Virtual size: 524KB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.bss  Size: - Virtual size: 556KB  Flags: IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata  Size: 4KB - Virtual size: 4KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 4KB - Virtual size: 4KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rdata  Size: 4KB - Virtual size: 4KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.tls  Size: 4KB - Virtual size: 4KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.idata  Size: 5KB - Virtual size: 5KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc  Size: 19KB - Virtual size: 18KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 4KB - Virtual size: 220B  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ