??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
c7260327dc511b7cdff34dc2fccdb092e8d882d7cc08ec5a1335d52b157b9470.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c7260327dc511b7cdff34dc2fccdb092e8d882d7cc08ec5a1335d52b157b9470.exe
Resource
win10v2004-20220901-en
General
-
Target
c7260327dc511b7cdff34dc2fccdb092e8d882d7cc08ec5a1335d52b157b9470
-
Size
172KB
-
MD5
5da6db38badf512787537be24ef129b0
-
SHA1
1e4c64be76cd58e730f6b1b2525c2787a3742d4f
-
SHA256
c7260327dc511b7cdff34dc2fccdb092e8d882d7cc08ec5a1335d52b157b9470
-
SHA512
c3a8399e103754378b11b5e1fe2003f26d0bca9e29ea4d2eef611a716ceb2876c36ddaa292e5bd26c09e7a4b9221620b303304f97a4dce661757ab6a8e73f103
-
SSDEEP
3072:f9tzv+t3UOLt5dvpjaDymmxjGpJ7ANfhZclO6nk8+SDADeak7dJHB/AdGL:VtyLt7ZaeCpCDZclO6wSsQLH5Adi
Malware Config
Signatures
Files
-
c7260327dc511b7cdff34dc2fccdb092e8d882d7cc08ec5a1335d52b157b9470.exe windows x86
85057de5a3ce33a42c245d068962a7d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileStringA
GetCurrentDirectoryA
DeleteCriticalSection
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
InterlockedCompareExchange
GetLastError
InitializeCriticalSectionAndSpinCount
CreateIoCompletionPort
CloseHandle
GetQueuedCompletionStatus
SetWaitableTimer
WaitForSingleObject
QueueUserAPC
TerminateThread
PostQueuedCompletionStatus
CreateEventA
SleepEx
SetEvent
SetLastError
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
CreateMutexA
ReleaseMutex
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
WaitForMultipleObjects
InterlockedExchange
GetSystemTimeAsFileTime
msvcp90
??7ios_base@std@@QBE_NXZ
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?max@?$numeric_limits@I@std@@SAIXZ
??0?$allocator@D@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?_Xsgetn_s@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADIH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eof@?$char_traits@D@std@@SAHXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?not_eof@?$char_traits@D@std@@SAHABH@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?max_size@?$allocator@D@std@@QBEIXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??Bios_base@std@@QBEPAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
boost_system-vc90-mt-1_50
?system_category@system@boost@@YAABVerror_category@12@XZ
?generic_category@system@boost@@YAABVerror_category@12@XZ
ws2_32
WSAGetLastError
ioctlsocket
WSARecv
getsockopt
connect
select
WSASocketA
setsockopt
WSASend
closesocket
getservbyname
gethostbyname
WSAStringToAddressA
WSASetLastError
WSACleanup
WSAStartup
htons
iphlpapi
GetAdaptersInfo
msvcr90
fclose
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
??3@YAXPAX@Z
__CxxFrameHandler3
_purecall
printf
sprintf
free
malloc
strstr
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
tolower
strcpy
memmove
_invalid_parameter_noinfo
strlen
memset
strcmp
memcpy
strcpy_s
atoi
isdigit
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??8type_info@@QBE_NABV0@@Z
memmove_s
_beginthreadex
_beginthread
fwrite
_configthreadlocale
ftell
fopen
_time64
_vsnprintf
_localtime64
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_controlfp_s
Exports
Exports
Sections
.text Size: 97KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 688B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ