Static task: static1
Behavioral task: behavioral1
Sample: a0d84fe3721c23db1de2c9b8952ccbb3d66b0eed1c27659cd60bee73ba36d6f9.exe
Resource: win7-20220812-en
General
Target: a0d84fe3721c23db1de2c9b8952ccbb3d66b0eed1c27659cd60bee73ba36d6f9
Size: 286KB
MD5: e0c741b4f7243043578fb57720abf68b
SHA1: 20b567e236b21f1f5b9be46fb5b1247569d25543
SHA256: a0d84fe3721c23db1de2c9b8952ccbb3d66b0eed1c27659cd60bee73ba36d6f9
SHA512: e589cfda3f24682618884f3b7631b08cac6cebb56f9b1b815095ade0aa2b790c1ecd35685d2e1665c0685b7c238a355b2dd78c07be3b4567fc4fd8a33b103971
SSDEEP: 3072:9i95aCyWTaLO0XGn8AtB6MX5P73AVA1UnmSmWOmtH0MOaQRnGqFJeUAUUUEUAUvO:9UaIT4O0EDtXzQVATSmWOmJ+hr0tC
Malware Config
Signatures
Files
a0d84fe3721c23db1de2c9b8952ccbb3d66b0eed1c27659cd60bee73ba36d6f9.exe windows x86
9c0b7b8ddceb249547fb4523472c15bc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleMode
GetConsoleCP
LCMapStringW
HeapSize
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetLocaleInfoW
LoadLibraryW
FlushFileBuffers
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
MultiByteToWideChar
Sleep
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetCurrentThreadId
SetLastError
InterlockedIncrement
SetFilePointer
WriteConsoleW
SetStdHandle
CreateFileW
GetModuleFileNameW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
lstrcpyA
CreateThread
CloseHandle
GetCPInfoExA
GetLastError
GetProcessHeaps
HeapCreate
FindFirstFileA
GetProcessHeap
WaitForSingleObject
HeapAlloc
lstrcpynA
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
WriteFile
DecodePointer
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
LocalFree
InterlockedDecrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
IsProcessorFeaturePresent
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
user32
ChildWindowFromPoint
GetMessagePos
EndPaint
ClientToScreen
DestroyWindow
CloseClipboard
ScreenToClient
GetWindowRect
InsertMenuItemA
PostQuitMessage
GetWindowDC
CopyImage
GetParent
LoadIconA
IsWindowEnabled
GetClientRect
GetWindowTextLengthA
BeginPaint
FindWindowA
GetDC
PtInRect
OffsetRect
GetWindowTextA
SetCursorPos
GetWindowLongA
ReleaseDC
EnableMenuItem
EmptyClipboard
EndDialog
DefWindowProcA
GetCursorPos
EnumChildWindows
PostMessageA
OpenClipboard
SetWindowTextA
UpdateWindow
SetClipboardData
gdi32
PatBlt
SetTextColor
DeleteDC
CreateFontIndirectA
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
CreateRectRgn
GetObjectA
GetStockObject
BitBlt
comdlg32
FindTextW
advapi32
RegOpenKeyExA
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
shell32
SHCreateShellItem
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
VariantClear
setupapi
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList
Sections
.text Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ