Static task: static1
Behavioral task: behavioral1
Sample: 90daa608868e5bbfb9112e0045e5c3773612fedb517e34d19ea079d1da65a2cd.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 90daa608868e5bbfb9112e0045e5c3773612fedb517e34d19ea079d1da65a2cd.exe
Resource: win10v2004-20220812-en
General
Target: 90daa608868e5bbfb9112e0045e5c3773612fedb517e34d19ea079d1da65a2cd
Size: 150KB
MD5: 5702db86eb130ce2366534d412ba8f40
SHA1: cf54e24d3f4c17dbbf9b133b8f6748c8d393e5a1
SHA256: 90daa608868e5bbfb9112e0045e5c3773612fedb517e34d19ea079d1da65a2cd
SHA512: e709cbbc1ee4c6adfc0715e095ebb8d7346c93d11638f4452a3b645be70fe89623d217b287f7138ed37b8689e0c654fc3c94fa5f34b0043473cbefd944f66da0
SSDEEP: 3072:op3j26UiYUpCyXIOTGgtVftWpUrNwh29YvMEpaWDU:s3UrX4IA5flra29Cy
Malware Config
Signatures
Files
90daa608868e5bbfb9112e0045e5c3773612fedb517e34d19ea079d1da65a2cd.exe windows x86
081ec83180f6a91d1c37bdc8a2eb4969
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetClassLongW
EnumDisplayDevicesA
CloseWindow
EnumClipboardFormats
SetWindowTextA
PostQuitMessage
SendMessageTimeoutW
OpenClipboard
SubtractRect
DdeReconnect
SystemParametersInfoA
comdlg32
ChooseColorA
ChooseFontA
CommDlgExtendedError
urlmon
CoInternetCreateZoneManager
CoInternetCreateSecurityManager
URLDownloadToFileW
shell32
FindExecutableA
DragFinish
ExtractIconA
ShellExecuteExW
DragQueryFileW
Shell_NotifyIconW
ShellExecuteA
ole32
StringFromCLSID
CoDisconnectObject
CoTaskMemAlloc
CoInitialize
ReleaseStgMedium
OleSetMenuDescriptor
OleDraw
IsAccelerator
OleRegEnumVerbs
RegisterDragDrop
OleUninitialize
CLSIDFromProgID
OleInitialize
CoLockObjectExternal
CoGetClassObject
OleSetContainedObject
ProgIDFromCLSID
CoCreateInstance
RevokeDragDrop
CoGetInterfaceAndReleaseStream
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
advapi32
InitializeSid
GetUserNameW
GetFileSecurityA
LookupPrivilegeDisplayNameA
GetSidLengthRequired
QueryServiceLockStatusA
StartServiceCtrlDispatcherA
AddAccessDeniedAceEx
AddAccessDeniedObjectAce
wininet
InternetSetOptionW
InternetQueryOptionW
InternetOpenW
InternetConnectW
InternetCloseHandle
HttpSendRequestW
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryExW
InternetGetConnectedState
HttpQueryInfoW
HttpOpenRequestW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache
DeleteUrlCacheEntryW
InternetReadFile
shlwapi
PathRemoveFileSpecW
kernel32
GetConsoleCP
GetConsoleMode
LoadLibraryW
HeapReAlloc
ReadFile
RtlUnwind
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
GetModuleFileNameW
WriteFile
MultiByteToWideChar
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
HeapAlloc
GetTimeZoneInformation
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
LCMapStringW
SetFilePointer
SetStdHandle
HeapSize
WriteConsoleW
CreateFileW
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
WaitForMultipleObjects
TlsGetValue
TlsAlloc
ExitProcess
GetModuleHandleW
GetProcAddress
HeapFree
Sleep
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
CreateThread
GetLastError
CreateEventA
SetEvent
CloseHandle
WaitForSingleObject
SetFilePointerEx
OpenSemaphoreW
GetDiskFreeSpaceExW
DosDateTimeToFileTime
BuildCommDCBA
EnterCriticalSection
LeaveCriticalSection
GetTimeFormatA
GetDateFormatA
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
Sections
.text Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 235.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ