Static task: static1
Behavioral task: behavioral1
Sample: 8f9010979d3a0145d07a2ba5a1656314c39534868a328e412fdf96d7b35a5527.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8f9010979d3a0145d07a2ba5a1656314c39534868a328e412fdf96d7b35a5527.exe
Resource: win10v2004-20220812-en
General
Target: 8f9010979d3a0145d07a2ba5a1656314c39534868a328e412fdf96d7b35a5527
Size: 408KB
MD5: 8083ca13019fdac4e3e07fdfe51f1fa9
SHA1: ee502cb2c1d167ffc085be5c743015b32ea75afa
SHA256: 8f9010979d3a0145d07a2ba5a1656314c39534868a328e412fdf96d7b35a5527
SHA512: 9f07d04aa4878ecb51b360e8b9c1a0a8d475387cb9a93a4c7eeb6e55435ba16d31db0ec6fbc75c30c7d13c8aa73be9a691bf9f17530a7e26aee1fee3fcbb5b9e
SSDEEP: 12288:xng7n/7r1pGctn09bIuQgN5InLqlDRLlePS0r9mYnXC:5En/31p1tnfcIniLl2ShYX
Malware Config
Signatures
Files
8f9010979d3a0145d07a2ba5a1656314c39534868a328e412fdf96d7b35a5527.exe windows x86
bd98642fbcd1e6949caa17b7fd9692bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
SetLastError
GetEnvironmentStrings
GetFileType
MultiByteToWideChar
GetCurrentProcess
WriteFile
LCMapStringW
HeapReAlloc
TerminateProcess
FreeEnvironmentStringsA
VirtualAlloc
GetEnvironmentStringsW
GetCurrentThread
CloseHandle
CompareStringA
HeapDestroy
GetStartupInfoA
CompareStringW
InitializeCriticalSection
FatalAppExitA
VirtualFree
DeleteCriticalSection
LCMapStringA
TlsGetValue
HeapAlloc
GetStringTypeA
InterlockedIncrement
GetVersion
GetCPInfo
TlsAlloc
GetModuleHandleW
SetEnvironmentVariableA
TlsSetValue
GetCurrentThreadId
HeapFree
GetTimeZoneInformation
CreateMutexW
UnhandledExceptionFilter
GetTickCount
ExitProcess
InterlockedDecrement
GetCurrentProcessId
GetSystemTime
SetStdHandle
GetModuleHandleA
GetProcAddress
ReadFile
GetLocalTime
EnterCriticalSection
GetStringTypeW
GetCommandLineA
HeapCreate
SetHandleCount
FreeEnvironmentStringsW
TlsFree
QueryPerformanceCounter
LeaveCriticalSection
RtlUnwind
GetSystemTimeAsFileTime
IsBadWritePtr
VirtualQuery
FlushFileBuffers
GetStdHandle
SetFilePointer
InterlockedExchange
GetModuleFileNameA
WideCharToMultiByte
GetStartupInfoW
GetLastError
GetCommandLineW
GetModuleFileNameW
winspool.drv
ClosePrinter
OpenPrinterW
shell32
SHGetPathFromIDListA
DragFinish
DragQueryFileA
gdi32
CreatePatternBrush
GetObjectW
CreatePalette
DeleteObject
SelectObject
StartDocW
CreateDCW
StretchBlt
DeleteDC
GetDeviceCaps
SetTextColor
ExcludeClipRect
oleaut32
LoadTypeLi
user32
GetScrollInfo
RegisterClassW
MapDialogRect
IsWindowEnabled
GetDlgItemInt
GetMenuStringW
SetScrollPos
GetDC
GetWindowLongW
SetDlgItemInt
SetCursorPos
SetRect
RemovePropW
RedrawWindow
RegisterClassExW
GetSubMenu
EnableWindow
GetForegroundWindow
GetClientRect
CallNextHookEx
InsertMenuItemW
GetClassLongW
DrawFocusRect
SetCapture
GetDesktopWindow
GetLastActivePopup
SetRectEmpty
SetFocus
SetTimer
LoadAcceleratorsW
TranslateMessage
GetParent
SetWindowTextW
ScreenToClient
KillTimer
GetMenuItemCount
MessageBeep
SendDlgItemMessageA
GetWindowPlacement
IsClipboardFormatAvailable
PostQuitMessage
UnpackDDElParam
ClientToScreen
SetPropW
EmptyClipboard
UpdateWindow
GetPropW
GetCursorPos
CopyRect
mfc42
ord1576
comctl32
ImageList_GetIconSize
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIcon
DestroyPropertySheetPage
ImageList_LoadImageA
ImageList_Replace
ImageList_DragLeave
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove
ImageList_GetImageCount
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_DragMove
ord17
PropertySheetA
ImageList_SetBkColor
ImageList_EndDrag
CreatePropertySheetPageA
ImageList_Add
ImageList_DragShowNolock
ImageList_Draw
ImageList_BeginDrag
ImageList_Destroy
advapi32
RegDeleteKeyW
RegQueryValueExW
GetTokenInformation
RegQueryValueW
RegSetValueExA
RegQueryValueExA
RegGetKeySecurity
RegDeleteValueA
RegCloseKey
OpenProcessToken
SetSecurityDescriptorDacl
GetSidSubAuthorityCount
RegSetValueExW
RegOpenKeyExW
InitializeSecurityDescriptor
RegCreateKeyExA
RegDeleteValueW
RegOpenKeyExA
GetSidSubAuthority
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 252KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ