Static task
static1
Behavioral task
behavioral1
Sample
7514f03ff8571ae76dfc0db5ba5c15e901d1e6cfe314b11f33bd4c69a3681806.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7514f03ff8571ae76dfc0db5ba5c15e901d1e6cfe314b11f33bd4c69a3681806.exe
Resource
win10v2004-20220812-en
General
-
Target
7514f03ff8571ae76dfc0db5ba5c15e901d1e6cfe314b11f33bd4c69a3681806
-
Size
229KB
-
MD5
586018d7827468a252288905ad2ed670
-
SHA1
4d4ba1f69010bd78d7a7a87a1a078f2386132776
-
SHA256
7514f03ff8571ae76dfc0db5ba5c15e901d1e6cfe314b11f33bd4c69a3681806
-
SHA512
94565d5fe2d65d0f0033bba76d415da62a186d81d2d09a5b0f2ba037b413421ff712e8a6b5cfb1d431d506c25d4d5f43c5d3e4d76779f61109473acbdb2d4702
-
SSDEEP
3072:OWUCLV2VHMf2oo09/Iwdo5iuiiAd3JTAeJTA1x:+cQsfq01Po5
Malware Config
Signatures
Files
-
7514f03ff8571ae76dfc0db5ba5c15e901d1e6cfe314b11f33bd4c69a3681806.exe windows x86
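48f17fc642259553b438c2bb4ed202e3 (label lost in extraction; this value differs from the file MD5 listed above and is presumably the PE import hash — confirm against the original report)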
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetLastError
DeviceIoControl
WaitForSingleObject
CreateEventA
lstrlenA
FormatMessageA
GetOverlappedResult
DuplicateHandle
GetCurrentProcess
OpenProcess
ExitProcess
GetModuleHandleA
GetCommandLineA
GetCommConfig
CloseHandle
GetTickCount
lstrcpyA
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateThread
CreateEventW
SetEvent
Sleep
lstrcmpiW
GetCurrentThreadId
GetCommandLineW
user32
GetSystemMetrics
LoadCursorA
LoadIconW
gdi32
GetTextExtentPoint32A
DeleteObject
SelectObject
msvcrt
__argc
__argv
toupper
_ftol
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
strncpy
_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
wcscmp
_except_handler3
advapi32
RegQueryValueExW
RegOpenKeyExA
Sections
.text Size: 195KB - Virtual size: 195KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
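.flat Size: 512B - Virtual size: 92B (the flags below mark this section as code that is both writable and executable; a W+X section whose name is not one of the usual compiler-emitted ones is worth checking during triage, though it is not a verdict on its own)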
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ