Static task: static1
Behavioral task: behavioral1
Sample: ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe
Resource: win10v2004-20220901-en
General
Target: ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab
Size: 209KB
MD5: 74fca464697b5816acfe9140ee387ecd
SHA1: 98434a079e12d48a94a094ef04b9f31b153852f6
SHA256: ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab
SHA512: 8e48a14b01e0aa72b25a1b2af7c66336d129728ea7e445a57ea95aa0393d4e5a67ff3434c26a2a9ca7524303fc06ff2f404fb9adfd0801289e9b31f724a6facf
SSDEEP: 3072:dlHLFNuNLrSUkYSuS0G9YeKnvuGwODGfQq93g7mC7wCipC+fU/LEfwQC:dlHPuNXGnOpmC8PBUDgC
Malware Config
Signatures
Files
-
ce585d3c69640b084f4c0869be2f8fbbe86574e3f73c2f73da8f71cf3c3146ab.exe windows x86
b45bc6a70612e4c96c158dcc57baa659
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_exit
_controlfp
_XcptFilter
version
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA
advapi32
GetAce
AccessCheck
LsaLookupNames
LsaEnumerateAccountsWithUserRight
CreateProcessAsUserA
InitializeSecurityDescriptor
LsaFreeMemory
RegQueryValueA
MakeSelfRelativeSD
GetSidSubAuthorityCount
BuildImpersonateTrusteeA
ObjectPrivilegeAuditAlarmA
MakeAbsoluteSD
RegCreateKeyExA
AdjustTokenGroups
AreAnyAccessesGranted
SetSecurityDescriptorDacl
OpenSCManagerW
RegisterServiceCtrlHandlerA
BuildTrusteeWithNameA
RegGetKeySecurity
RegEnumKeyExW
ReadEventLogA
GetTokenInformation
SetSecurityInfo
NotifyChangeEventLog
EncryptFileA
LookupPrivilegeValueW
InitiateSystemShutdownA
SetPrivateObjectSecurity
FindFirstFreeAce
GetSecurityDescriptorSacl
GetFileSecurityA
CreateRestrictedToken
RegReplaceKeyW
RegConnectRegistryW
LsaDeleteTrustedDomain
RegSaveKeyA
LsaQueryTrustedDomainInfoByName
RegDeleteKeyW
RegQueryMultipleValuesA
GetSidIdentifierAuthority
RegEnumValueW
StartServiceA
AddAccessDeniedAce
GetTrusteeNameW
LookupPrivilegeNameW
RegOverridePredefKey
GetServiceDisplayNameW
RegQueryValueExW
ObjectDeleteAuditAlarmW
GetSecurityInfo
RegCloseKey
OpenProcessToken
FreeSid
OpenBackupEventLogW
RegQueryInfoKeyW
QueryServiceLockStatusW
InitiateSystemShutdownW
GetTrusteeTypeA
OpenBackupEventLogA
LsaEnumerateTrustedDomainsEx
CreateServiceA
ImpersonateSelf
ObjectCloseAuditAlarmA
LookupAccountNameW
RegEnumKeyA
PrivilegedServiceAuditAlarmW
LsaEnumerateTrustedDomains
SetFileSecurityA
LookupPrivilegeDisplayNameA
QueryServiceObjectSecurity
QueryServiceConfig2W
RegEnumValueA
RegLoadKeyA
QueryServiceLockStatusA
RegOpenKeyW
ControlService
RegCreateKeyA
RegOpenKeyExW
GetAuditedPermissionsFromAclW
GetAuditedPermissionsFromAclA
DecryptFileW
IsValidSid
StartServiceCtrlDispatcherA
OpenEventLogA
GetKernelObjectSecurity
GetExplicitEntriesFromAclW
LookupSecurityDescriptorPartsA
LsaCreateTrustedDomainEx
ObjectOpenAuditAlarmW
GetNumberOfEventLogRecords
RegisterServiceCtrlHandlerW
GetLengthSid
LookupSecurityDescriptorPartsW
SetSecurityDescriptorGroup
GetMultipleTrusteeA
GetOldestEventLogRecord
GetTrusteeFormA
RegSetValueExW
GetNamedSecurityInfoW
ReadEventLogW
GetEffectiveRightsFromAclA
LsaAddAccountRights
QueryServiceStatus
DuplicateTokenEx
GetAclInformation
RegCreateKeyExW
shell32
ord180
winmm
mixerGetControlDetailsW
mmioInstallIOProcW
midiOutGetDevCapsW
joySetCapture
sndPlaySoundW
waveOutGetPitch
midiOutGetDevCapsA
waveOutGetPlaybackRate
mciGetDeviceIDFromElementIDW
midiStreamClose
midiOutMessage
waveInGetDevCapsA
mixerGetControlDetailsA
waveInGetDevCapsW
mciGetErrorStringA
mciGetDeviceIDW
auxGetNumDevs
timeSetEvent
waveOutGetNumDevs
waveOutGetErrorTextW
mmioRenameW
mciSetYieldProc
midiDisconnect
waveOutGetDevCapsA
mixerGetLineInfoA
midiInClose
mixerGetNumDevs
joyGetThreshold
timeGetSystemTime
timeGetTime
midiStreamStop
waveInGetNumDevs
waveOutGetID
midiOutSetVolume
mmioFlush
SendDriverMessage
PlaySoundA
waveOutOpen
mmioSendMessage
mmioInstallIOProcA
DefDriverProc
midiInUnprepareHeader
mixerGetLineInfoW
mciGetErrorStringW
mixerSetControlDetails
mmioOpenA
joyGetDevCapsW
PlaySoundW
midiOutPrepareHeader
waveInUnprepareHeader
mciGetYieldProc
DrvGetModuleHandle
midiOutUnprepareHeader
midiInStart
midiInGetErrorTextA
mmioStringToFOURCCW
midiOutCachePatches
midiOutGetID
mmioClose
waveInStop
GetDriverModuleHandle
mciGetDeviceIDFromElementIDA
mmioDescend
waveInGetPosition
msi
ord25
ord24
ord66
ord37
ord45
ord171
ord10
ord35
ord74
ord29
ord72
ord7
ord59
ord70
ord65
ord23
ord36
ord30
ord57
ord58
ord170
ord26
ord40
ord60
ord38
ord52
ord67
ord165
ord76
ord54
ord14
ord22
ord47
ord9
ord34
ord39
ord55
ord18
ord164
ord75
ord56
ord51
ord62
ord8
ord50
ord49
ord21
ord20
ord71
ord64
ord28
ord42
ord73
ord53
ord16
ord168
ord63
kernel32
CreateFileA
GetModuleHandleA
GetStartupInfoA
wininet
InternetGetLastResponseInfoA
FtpRemoveDirectoryW
InternetSetOptionExW
FindCloseUrlCache
GetUrlCacheEntryInfoExA
InternetReadFile
GopherOpenFileA
GopherGetLocatorTypeW
InternetOpenW
HttpOpenRequestW
InternetQueryOptionW
FtpGetCurrentDirectoryW
GopherFindFirstFileA
FtpCreateDirectoryA
InternetCrackUrlW
InternetTimeFromSystemTime
FindNextUrlCacheEntryA
DeleteUrlCacheGroup
FindFirstUrlCacheEntryA
HttpEndRequestA
CommitUrlCacheEntryA
InternetAutodialHangup
GopherCreateLocatorA
UnlockUrlCacheEntryFile
InternetReadFileExW
CommitUrlCacheEntryW
HttpSendRequestW
FtpCreateDirectoryW
InternetCreateUrlA
FtpRemoveDirectoryA
InternetConfirmZoneCrossing
InternetSetFilePointer
GopherGetAttributeW
InternetCheckConnectionA
InternetOpenA
FtpFindFirstFileA
InternetSetCookieA
InternetQueryDataAvailable
InternetOpenUrlA
InternetGetLastResponseInfoW
HttpSendRequestA
FindNextUrlCacheEntryExW
GetUrlCacheEntryInfoA
FtpSetCurrentDirectoryA
GopherOpenFileW
HttpQueryInfoA
FtpSetCurrentDirectoryW
InternetConnectW
InternetQueryOptionA
InternetFindNextFileA
InternetFindNextFileW
HttpAddRequestHeadersA
GopherCreateLocatorW
FtpDeleteFileW
GetUrlCacheEntryInfoExW
InternetLockRequestFile
InternetCanonicalizeUrlA
HttpEndRequestW
FindFirstUrlCacheEntryExA
InternetSetCookieW
InternetCloseHandle
InternetSetOptionExA
HttpAddRequestHeadersW
CreateUrlCacheGroup
RetrieveUrlCacheEntryFileA
ReadUrlCacheEntryStream
RetrieveUrlCacheEntryStreamA
DeleteUrlCacheEntry
InternetCombineUrlW
SetUrlCacheEntryInfoW
InternetHangUp
HttpOpenRequestA
FtpPutFileW
InternetCrackUrlA
InternetSetStatusCallback
InternetGetCookieA
GetUrlCacheEntryInfoW
SetUrlCacheEntryInfoA
InternetSetOptionA
InternetGoOnline
InternetUnlockRequestFile
InternetCanonicalizeUrlW
InternetConnectA
user32
DdeKeepStringHandle
WindowFromDC
IsDialogMessageA
GetUpdateRgn
DdeCreateDataHandle
IsClipboardFormatAvailable
CopyImage
PaintDesktop
DestroyCaret
GetMenuStringA
GetSystemMetrics
wvsprintfA
SetCapture
GetMenuCheckMarkDimensions
GetSysColor
DlgDirListComboBoxW
LoadMenuIndirectW
WaitMessage
ShowCursor
SetSysColors
InsertMenuItemA
EnableScrollBar
ToUnicode
GetCapture
GetClipboardViewer
CreateIconFromResourceEx
InsertMenuItemW
SubtractRect
RemoveMenu
DrawTextExA
CharToOemW
SetKeyboardState
GetKeyboardLayoutNameA
TranslateAcceleratorA
MessageBoxIndirectW
RegisterClipboardFormatW
IsDlgButtonChecked
ToAscii
GetForegroundWindow
WaitForInputIdle
ExcludeUpdateRgn
WINNLSEnableIME
LoadCursorFromFileA
AnyPopup
CloseDesktop
GetProcessWindowStation
SetWindowsHookExW
GetWindowWord
GetMessageExtraInfo
GetClassInfoExA
EmptyClipboard
PtInRect
OpenInputDesktop
DispatchMessageA
DefFrameProcA
VkKeyScanExW
CountClipboardFormats
InflateRect
GetWindowTextW
CheckRadioButton
ScrollWindowEx
DdeClientTransaction
MapVirtualKeyW
DefMDIChildProcA
LoadStringA
GetWindow
CreateDialogIndirectParamW
DdeUninitialize
WindowFromPoint
RegisterClassExW
SetPropW
DefWindowProcW
GetClipboardFormatNameW
SetMenu
CallWindowProcA
PackDDElParam
InvalidateRgn
OpenClipboard
SetPropA
SetClassWord
CreateWindowStationA
GetMessagePos
GetNextDlgGroupItem
DestroyAcceleratorTable
CharLowerW
CreateCursor
FrameRect
OemToCharW
RegisterClassW
GetWindowTextLengthW
CreateMDIWindowW
SendDlgItemMessageA
RemovePropA
ReleaseDC
DialogBoxIndirectParamA
PeekMessageW
InvalidateRect
GetDesktopWindow
AppendMenuA
ActivateKeyboardLayout
GetKeyboardState
EnableMenuItem
OemToCharA
EqualRect
HideCaret
SetCursorPos
DdeFreeDataHandle
ValidateRect
ChildWindowFromPoint
DefWindowProcA
CreateDesktopA
EnumDesktopWindows
DrawTextExW
SetMenuItemInfoA
DrawIconEx
DrawFrameControl
LockWindowUpdate
GetCursor
VkKeyScanA
MapVirtualKeyA
CreateDialogParamA
VkKeyScanExA
TranslateMessage
DrawMenuBar
PostMessageA
CreateIconFromResource
DialogBoxParamA
IsZoomed
OemKeyScan
DispatchMessageW
DrawStateW
LoadAcceleratorsW
GetClipCursor
CharUpperA
SetScrollPos
CheckMenuItem
IsWindow
GetKeyState
CharToOemBuffW
ClientToScreen
ShowOwnedPopups
IsWindowVisible
SetParent
LoadStringW
SetLastErrorEx
ChangeDisplaySettingsExW
UnhookWinEvent
SendMessageTimeoutA
GetDlgCtrlID
MessageBeep
GetMessageA
SendNotifyMessageW
GetClassInfoExW
SetDlgItemTextA
LoadCursorFromFileW
SetWindowsHookExA
SendMessageCallbackW
LookupIconIdFromDirectoryEx
GetNextDlgTabItem
GetDoubleClickTime
CreateWindowExA
GetGUIThreadInfo
SetDoubleClickTime
DdeCmpStringHandles
GetWindowModuleFileNameA
GetQueueStatus
GetWindowRect
ChangeClipboardChain
GetMenuItemInfoW
CharNextA
GetTabbedTextExtentA
LoadAcceleratorsA
GetMenuContextHelpId
GetClassLongA
GetLastActivePopup
GetClassLongW
GetKeyNameTextW
MsgWaitForMultipleObjectsEx
EnumDisplaySettingsA
DlgDirSelectExW
LoadImageA
OemToCharBuffA
GetClassInfoA
GetMenuItemRect
NotifyWinEvent
ShowCaret
SetDlgItemInt
GetActiveWindow
ChildWindowFromPointEx
GetScrollRange
CharPrevW
BringWindowToTop
MapVirtualKeyExA
OpenIcon
SendNotifyMessageA
TranslateAcceleratorW
SwapMouseButton
GetSysColorBrush
ModifyMenuA
SetSystemCursor
SetRect
GrayStringA
GetMenuDefaultItem
DefDlgProcW
FreeDDElParam
CloseClipboard
FillRect
IntersectRect
EnumWindows
LoadKeyboardLayoutW
EndDialog
CreateCaret
SetMessageExtraInfo
SendMessageW
SetMenuItemInfoW
RemovePropW
DdePostAdvise
LoadMenuW
DrawStateA
InsertMenuA
DdeGetLastError
GetMenuItemCount
LoadBitmapW
MessageBoxExA
SetUserObjectInformationA
GetClassInfoW
SystemParametersInfoA
KillTimer
ShowWindow
CharLowerBuffA
GetDialogBaseUnits
CopyAcceleratorTableA
LoadImageW
GetPropW
GetDlgItemInt
EnumWindowStationsW
OemToCharBuffW
TileWindows
VkKeyScanW
FindWindowA
SetUserObjectSecurity
DrawAnimatedRects
SetWindowLongA
RedrawWindow
DlgDirSelectComboBoxExA
CallNextHookEx
SetWindowLongW
SetMenuItemBitmaps
DlgDirListA
OpenDesktopW
CharLowerBuffW
UpdateWindow
SetUserObjectInformationW
SetMenuContextHelpId
SendMessageA
SetWindowTextA
SetMessageQueue
SetClassLongW
SetWindowsHookA
AppendMenuW
IsWindowUnicode
OffsetRect
ShowScrollBar
SetThreadDesktop
GetKeyboardLayoutNameW
WINNLSGetIMEHotkey
CreateDialogParamW
DlgDirSelectExA
GetWindowPlacement
MapWindowPoints
ScrollDC
EndDeferWindowPos
ChangeDisplaySettingsExA
DdeInitializeA
GetMenuStringW
ReplyMessage
DdeEnableCallback
GetMenu
GetKBCodePage
GetAsyncKeyState
SetCaretBlinkTime
InSendMessage
SetWindowTextW
InsertMenuW
IsChild
GetWindowDC
SendDlgItemMessageW
DlgDirListW
ReuseDDElParam
MapDialogRect
GetTabbedTextExtentW
DefMDIChildProcW
EnumDesktopsW
ToUnicodeEx
GetWindowLongW
LoadKeyboardLayoutA
CreateWindowExW
GetMessageTime
InvertRect
PostQuitMessage
DrawIcon
CharToOemA
IsRectEmpty
IsMenu
SetScrollInfo
GetFocus
UnionRect
DestroyWindow
IsDialogMessageW
RegisterHotKey
ModifyMenuW
SwitchDesktop
TranslateMDISysAccel
UnpackDDElParam
DdeImpersonateClient
GetClassWord
GetWindowTextLengthA
CreateMDIWindowA
SetMenuDefaultItem
DdeQueryStringA
DrawFocusRect
SetScrollRange
IsCharLowerA
AdjustWindowRectEx
GetCaretPos
DrawTextW
EnumDisplaySettingsW
DialogBoxIndirectParamW
CharUpperBuffW
EnumPropsExA
IMPSetIMEA
GetMenuItemID
UnhookWindowsHookEx
MessageBoxIndirectA
GetClassNameW
MoveWindow
PostThreadMessageW
PeekMessageA
SendMessageTimeoutW
DdeSetUserHandle
CreateAcceleratorTableA
CloseWindowStation
ImpersonateDdeClientWindow
IsWindowEnabled
SetForegroundWindow
GetWindowTextA
LoadIconW
GetWindowLongA
SetWindowContextHelpId
DefDlgProcA
SetWindowRgn
CallMsgFilterA
UnloadKeyboardLayout
DdeCreateStringHandleA
SetClassLongA
FindWindowExW
WinHelpW
DrawEdge
GetCaretBlinkTime
GetDCEx
DdeQueryNextServer
CreateDialogIndirectParamA
GetSubMenu
LoadCursorW
BlockInput
MsgWaitForMultipleObjects
GetMenuState
OpenWindowStationW
ChangeMenuA
GetKeyboardLayout
DlgDirListComboBoxA
ShowWindowAsync
DestroyMenu
SetCursor
SystemParametersInfoW
DestroyCursor
GetPriorityClipboardFormat
GetMessageW
TrackPopupMenu
SetDlgItemTextW
SetTimer
SetClipboardViewer
GetUserObjectSecurity
GetTopWindow
winspool.drv
EnumFormsA
EnumPrinterDataExW
DeleteFormW
DeletePrinterDriverA
AddPrintProvidorA
AddPrinterDriverExW
rasapi32
RasGetProjectionInfoA
RasRenameEntryA
RasValidateEntryNameW
RasEditPhonebookEntryW
RasGetConnectStatusA
RasGetEntryPropertiesA
RasGetEntryPropertiesW
RasGetProjectionInfoW
RasDeleteEntryW
RasEnumEntriesW
RasGetConnectStatusW
RasDialA
RasGetCountryInfoW
RasDeleteEntryA
RasSetEntryDialParamsA
RasSetEntryPropertiesA
RasEditPhonebookEntryA
RasGetErrorStringA
RasSetEntryPropertiesW
imm32
ImmUnregisterWordA
ImmSetCompositionWindow
ImmInstallIMEA
ImmGetGuideLineW
ImmGetCompositionWindow
ImmSetCompositionStringA
ImmEnumRegisterWordW
ImmRegisterWordW
ImmGetCompositionFontA
ImmGetDescriptionA
ImmEnumRegisterWordA
ImmGetRegisterWordStyleW
ImmIsIME
ImmConfigureIMEA
ImmIsUIMessageA
ImmSetConversionStatus
ImmGetProperty
ImmGetContext
ImmConfigureIMEW
ImmGetCompositionFontW
ImmSetCompositionFontW
ImmGetIMEFileNameW
ImmSetCandidateWindow
ImmGetConversionStatus
ImmCreateContext
ImmSetCompositionStringW
ImmDestroyContext
ImmReleaseContext
shlwapi
PathIsRelativeW
PathIsURLA
SHRegSetUSValueW
SHRegDeleteUSValueA
PathStripToRootW
SHGetValueW
StrFormatByteSizeW
PathRemoveBackslashW
PathQuoteSpacesW
PathMakePrettyW
SHQueryInfoKeyW
SHRegCreateUSKeyW
SHRegOpenUSKeyW
StrTrimA
PathSearchAndQualifyW
PathRelativePathToA
PathCompactPathExW
StrNCatW
PathStripPathW
PathSkipRootA
PathFindExtensionW
SHRegGetBoolUSValueA
PathIsPrefixA
SHDeleteValueW
PathIsUNCServerA
PathIsUNCServerW
PathIsSystemFolderW
ChrCmpIA
PathIsDirectoryA
StrFromTimeIntervalW
PathRemoveFileSpecA
PathIsRootW
SHEnumKeyExA
PathAddBackslashW
PathCombineW
PathFindExtensionA
PathMakeSystemFolderW
PathRemoveArgsW
SHRegQueryInfoUSKeyA
PathAddExtensionA
StrTrimW
PathRelativePathToW
PathCanonicalizeA
PathRemoveFileSpecW
PathFindFileNameA
StrCSpnA
SHRegQueryUSValueW
PathRemoveBackslashA
ChrCmpIW
PathRemoveBlanksA
PathRemoveExtensionW
SHQueryValueExW
PathParseIconLocationW
PathIsUNCServerShareW
PathIsFileSpecW
ole32
PropVariantCopy
StgIsStorageFile
CoUnmarshalInterface
OleRun
DoDragDrop
Sections
.text Size: 92KB - Virtual size: 90KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ