Static task: static1
Behavioral task: behavioral1
  Sample: 11a1d169136c4923b9f739cbdca5e31c11589598f4114d001571e2732152bf3d.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 11a1d169136c4923b9f739cbdca5e31c11589598f4114d001571e2732152bf3d.exe
  Resource: win10v2004-20220812-en
General
  Target: 11a1d169136c4923b9f739cbdca5e31c11589598f4114d001571e2732152bf3d
  Size: 44KB
  MD5: 00ae0f4f62a724c5129905161c201e90
  SHA1: f4da725126d669237ea726bb08f130b8a9ee5925
  SHA256: 11a1d169136c4923b9f739cbdca5e31c11589598f4114d001571e2732152bf3d
  SHA512: 180a85c4d5f8eee63a518ea8605957870cf1fc069ed5bbc9f679ac074aa02cb8bd760d7e4dd6fd860b901fe914d356034d0b792a26520d7265e9255186e5445f
  SSDEEP: 768:Em8YutSrBZHL9HG0haNGWIjitIYnauSC2y+/ZupU1WwXV8QCOE3fy44w:dokrBFL9G0ANLIjipnTXsuACF3fSw
Malware Config
Signatures
Files
  11a1d169136c4923b9f739cbdca5e31c11589598f4114d001571e2732152bf3d.exe (windows x86)
  de91b06e2628fec9dc5e47cba293e5c5
  Headers
    DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NO_SEH
    File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
  d3d8thk:
    OsThunkDdRenderMoComp, OsThunkD3dContextDestroy, OsThunkDdEndMoCompFrame, OsThunkDdGetAvailDriverMemory,
    OsThunkDdGetFlipStatus, OsThunkDdUnlock, OsThunkDdDestroyD3DBuffer, OsThunkDdReenableDirectDrawObject,
    OsThunkDdGetDxHandle, OsThunkDdQueryDirectDrawObject, OsThunkDdFlipToGDISurface, OsThunkDdWaitForVerticalBlank,
    OsThunkDdCreateMoComp, OsThunkD3dContextDestroyAll, OsThunkDdFlip, OsThunkDdSetColorKey,
    OsThunkDdUnattachSurface, OsThunkDdResetVisrgn, OsThunkDdColorControl, OsThunkDdCreateSurface,
    OsThunkDdSetExclusiveMode, OsThunkDdGetMoCompBuffInfo, OsThunkDdAlphaBlt, OsThunkDdGetBltStatus,
    OsThunkDdCreateSurfaceEx, OsThunkD3dDrawPrimitives2, OsThunkDdCanCreateD3DBuffer, OsThunkD3dValidateTextureStageState,
    OsThunkDdGetScanLine, OsThunkDdLock, OsThunkDdSetGammaRamp, OsThunkDdBeginMoCompFrame,
    OsThunkDdCanCreateSurface
  user32:
    EmptyClipboard, MessageBoxW, SendNotifyMessageA, ArrangeIconicWindows, ReasonCodeNeedsBugID,
    RegisterClassW, GetPropA, GetClassNameA, GetWindowRgnBox, CopyIcon, IsWindowUnicode, DestroyIcon,
    SetMenu, BroadcastSystemMessageExW, QuerySendMessage, GetDCEx, SetShellWindow, GetSysColor, IsZoomed,
    InSendMessageEx, GetWindowRgn, CallMsgFilterW, SystemParametersInfoW, IsGUIThread, MonitorFromWindow,
    DdeGetQualityOfService
  kernel32:
    _llseek, SetConsolePalette, EnumUILanguagesW, SetPriorityClass, SetProcessWorkingSetSize,
    CreateJobObjectW, CreateSemaphoreA, VirtualAlloc, lstrcmp, QueryPerformanceCounter, SetConsoleMenuClose,
    GetComputerNameExW, GlobalMemoryStatusEx, SetConsoleOutputCP, GetDefaultCommConfigW, FreeResource,
    SetSystemTime, GetTickCount, GetConsoleAliasA, CancelWaitableTimer, RegisterWowExec, GetSystemTime,
    LoadLibraryA, FillConsoleOutputAttribute, GetProfileSectionW, WriteConsoleInputVDMA, WaitNamedPipeW,
    SearchPathA, Heap32ListFirst
  oleaut32:
    VarDecNeg, VarDecFromI2, GetRecordInfoFromGuids, VARIANT_UserFree, VarR4FromR8, VarCyMulI8,
    VarCyFromI2, VarBstrFromBool, VarI4FromDate, VarBoolFromUI8, VarDecFromR8, VarCyFromDisp,
    SafeArrayGetVartype, VarDecFromUI2, VarUI2FromI8, CreateErrorInfo, VarDecCmp, OleLoadPictureFileEx,
    VarI8FromDisp, VarBstrCat, GetAltMonthNames, SafeArrayGetRecordInfo, OleCreateFontIndirect,
    VarBoolFromUI2, VarBoolFromI4, VarCyFromDate, VarI8FromUI1
  mprapi:
    MprConfigGetGuidName, MprAdminInterfaceUpdateRoutes, MprInfoBlockRemove, MprAdminUserOpen,
    MprAdminRegisterConnectionNotification, MprAdminPortEnum, MprConfigServerDisconnect, MprAdminUserRead,
    MprAdminDeregisterConnectionNotification, MprAdminInterfaceCreate, MprConfigGetFriendlyName,
    MprAdminMIBServerDisconnect, MprConfigInterfaceGetInfo, MprInfoDelete, MprAdminPortGetInfo,
    MprConfigTransportSetInfo, MprConfigServerGetInfo, MprConfigInterfaceTransportGetHandle,
    MprAdminInterfaceQueryUpdateResult, MprInfoRemoveAll, MprInfoBlockFind, MprAdminInterfaceGetCredentialsEx,
    MprConfigInterfaceTransportRemove, CompressPhoneNumber, MprAdminConnectionClearStats,
    MprAdminServerSetCredentials, MprInfoBlockSet, MprAdminInterfaceEnum, MprAdminServerConnect
Sections
  .text   Size: 34KB - Virtual size: 33KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 7KB - Virtual size: 7KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .rsrc   Size: 1KB - Virtual size: 1KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ