Static task: static1
Behavioral task: behavioral1
Sample: 985a28d26b14e6ad96e4ac51b7d19e5599a90e5df6699187ce3e0b103ccb9645.exe
Resource: win7-20220812-en
General
Target: 985a28d26b14e6ad96e4ac51b7d19e5599a90e5df6699187ce3e0b103ccb9645
Size: 400KB
MD5: 0abf82013508a6c687dc5f9f919bfc10
SHA1: 8bb5e2fe03dd01a51e4d8df900e80bf79f76821a
SHA256: 985a28d26b14e6ad96e4ac51b7d19e5599a90e5df6699187ce3e0b103ccb9645
SHA512: 1bf5225dfe13f9611dd66a2e13623b3b74c2cdd2c9f3dd49539940ca49f6dda350e8ff14ba59a9342f8afacfa9557041817dffb63f75eef84e85afe6a339b395
SSDEEP: 6144:f8dUNTQfXxpqCVGlEb888X2LklmyHvzbmZshkCywGaO:f8BpqCIlfWuTHvzbGmKr
Malware Config
Signatures
Files
985a28d26b14e6ad96e4ac51b7d19e5599a90e5df6699187ce3e0b103ccb9645.exe windows x86
6728912e246483388997db64807a33e8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
MulDiv
lstrcmpW
GetModuleHandleW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
CreateMutexW
LockResource
FindResourceExW
FlushFileBuffers
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
LoadLibraryW
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetFilePointer
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GlobalLock
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
GetStdHandle
WriteFile
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineW
DecodePointer
EncodePointer
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GlobalUnlock
FlushInstructionCache
GetCurrentProcess
SetLastError
RaiseException
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetModuleFileNameW
CloseHandle
InterlockedIncrement
CreateProcessW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
GetEnvironmentStringsW
user32
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
CallWindowProcW
GetWindowLongW
SetWindowLongW
DefWindowProcW
LoadCursorW
RegisterClassExW
InvalidateRgn
GetClientRect
ReleaseCapture
DestroyAcceleratorTable
FillRect
EndDialog
KillTimer
PostMessageW
FindWindowExW
SetWindowRgn
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetWindowRect
PostQuitMessage
SetTimer
SetForegroundWindow
LoadIconW
IsDialogMessageW
CreateDialogParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
ShowWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
SendMessageW
IsWindow
GetClassNameW
GetSysColor
CharNextW
SetWindowPos
RedrawWindow
GetClassInfoExW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
ClientToScreen
GetParent
ScreenToClient
MoveWindow
SetCapture
UnregisterClassA
gdi32
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
DeleteObject
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps
CreateRoundRectRgn
CreateCompatibleDC
advapi32
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
shell32
SHGetFolderPathW
ole32
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoCreateInstance
oleaut32
SysAllocString
VariantClear
VarUI4FromStr
DispCallFunc
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
VarBstrCmp
SysFreeString
VariantInit
shlwapi
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
PathQuoteSpacesW
comctl32
InitCommonControlsEx
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE