Static task: static1
Behavioral task: behavioral1
Sample: 1db3edc0b2820120ab345e8aaea2493f8cf0fda85b820bfe00bd2bbc7f5586bc.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 1db3edc0b2820120ab345e8aaea2493f8cf0fda85b820bfe00bd2bbc7f5586bc.exe
Resource: win10v2004-20220901-en
General
Target: 1db3edc0b2820120ab345e8aaea2493f8cf0fda85b820bfe00bd2bbc7f5586bc
Size: 661KB
MD5: 0ac6a30a522b7f459cbf321df24858b0
SHA1: 8e65c5e0ef9b6437649170cbc6f7a185f87787ff
SHA256: 1db3edc0b2820120ab345e8aaea2493f8cf0fda85b820bfe00bd2bbc7f5586bc
SHA512: 057bdbdda166576172210270b9c7844fd013ef8deaddfac70e48aaec4624a75ace25be4d28261420259fc878f5b45658df2db3583da26f649c34d437ab96a933
SSDEEP: 12288:wCy+hb00Ro7A02NNBIKjaTNFL1GrfkScNraqg8h:as420SCdaWrnRh
Malware Config
Signatures
Files
-
1db3edc0b2820120ab345e8aaea2493f8cf0fda85b820bfe00bd2bbc7f5586bc.exe windows x86
16fe8974cfd265d7f0b92fe4bc78d28a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
??3@YAXPAX@Z
??1exception@@UAE@XZ
__setusermatherr
tmpfile
wcstoul
__p__fmode
_write
__p__commode
_wgetenv
??0exception@@QAE@ABV0@@Z
_strrev
iscntrl
_c_exit
__p___initenv
_mbsicmp
strncat
??8type_info@@QBEHABV0@@Z
_controlfp
_callnewh
_abnormal_termination
_fcvt
_mbstrlen
vfprintf
??1type_info@@UAE@XZ
odbc32
LockHandle
CursorLibLockDbc
CursorLibLockStmt
PostODBCError
SearchStatusCode
VRetrieveDriverErrorsRowCol
CursorLibTransact
VFreeErrors
ValidateErrorQueue
CursorLibLockDesc
ODBCGetTryWaitValue
PostODBCComponentError
oleaut32
SysAllocStringByteLen
SysStringLen
VariantCopy
VariantCopyInd
SafeArrayCreate
SysAllocStringLen
SafeArrayGetUBound
VariantChangeTypeEx
SafeArrayGetLBound
SysReAllocStringLen
SafeArrayPtrOfIndex
GetErrorInfo
SysFreeString
GetActiveObject
VariantInit
VariantChangeType
VariantClear
setupapi
SetupDiGetActualSectionToInstallW
CM_Get_Sibling_Ex
CM_Connect_MachineW
pSetupGetGlobalFlags
SetupDiBuildDriverInfoList
SetupDiRemoveDevice
CMP_WaitNoPendingInstallEvents
SetupGetTargetPathW
SetupAddToSourceListW
SetupDiBuildClassInfoList
SetupDiGetClassInstallParamsA
SetupQuerySourceListW
SetupDiRegisterDeviceInfo
SetupDiInstallClassW
CM_Get_DevNode_Status
SetupDiGetClassImageList
SetupGetMultiSzFieldA
SetupOpenLog
SetupDiSetDriverInstallParamsW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Registry_PropertyW
SetupDiGetDeviceInstanceIdW
SetupQueryInfFileInformationW
SetupDiGetDeviceInstallParamsW
kernel32
lstrlenW
ReadFile
CreateFiber
GetProcessPriorityBoost
GetEnvironmentStringsW
GetProfileSectionW
WriteConsoleA
SetVolumeLabelA
VirtualAlloc
IsBadHugeWritePtr
DeviceIoControl
SetLastError
CreateFileMappingW
LocalHandle
_lread
GetComputerNameExW
WideCharToMultiByte
ExitProcess
GetEnvironmentVariableW
GetFileTime
GlobalGetAtomNameW
FindVolumeMountPointClose
GetLocaleInfoW
DebugBreak
GetProfileSectionA
ResetEvent
InterlockedIncrement
_hwrite
Sections
.data Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 13KB - Virtual size: 347KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 162KB - Virtual size: 425KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 271KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 160KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ