?COMWndProc@@YGJPAUHWND__@@IIJ@Z
Static task: static1
Behavioral task: behavioral1
  Sample: 2f0b09a68b4af093bed54692cd2d125a2f3f04da0b08c6ae15344729c3724780.exe
  Resource: win7-20220901-en
Behavioral task: behavioral2
  Sample: 2f0b09a68b4af093bed54692cd2d125a2f3f04da0b08c6ae15344729c3724780.exe
  Resource: win10v2004-20220812-en
General
Target: 2f0b09a68b4af093bed54692cd2d125a2f3f04da0b08c6ae15344729c3724780
Size: 545KB
MD5: 8245145c04b91125b73527b162b4beef
SHA1: 1455b279293ac0d9c27d4a7a40c718c38a866fd2
SHA256: 2f0b09a68b4af093bed54692cd2d125a2f3f04da0b08c6ae15344729c3724780
SHA512: 5b1578168ba7724e55ece732760d13053232ab56d735f43f4fb42f1afda826912bdf5a560db55de13d9b11face078cb551ef9796bfa9cb6ba81958b23be5060f
SSDEEP: 12288:3KK8PCxUP0FSuRKmJrp3/alWJtbZU8JFtrymB:6mc0lFp3ylKtb/JFwE
Malware Config
Signatures
Files
2f0b09a68b4af093bed54692cd2d125a2f3f04da0b08c6ae15344729c3724780.exe windows x86
ab60909720863ac1865e1015698ff730
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
hpqmfc11
??0CFlitePropertySheet@@QAE@PAUDIHPCUECtxDesc@@IKIPBUtagTAPASLinkMapEntry@@PAVCWnd@@H@Z
?GetThisMessageMap@CFlitePropertySheet@@KGPBUAFX_MSGMAP@@XZ
?OnInitDialog@CFlitePropertySheet@@MAEHXZ
?SetContextHelpLinkMap@CFlitePropertySheet@@MAEXPBUtagTAPASLinkMapEntry@@@Z
?SetTAPASHelpLink@CFlitePropertySheet@@MAEXK@Z
?SetBitmapPalette@CFlitePropertySheet@@MAEXIPAUHINSTANCE__@@@Z
??1CFlitePropertySheet@@UAE@XZ
?GetThisClass@CFlitePropertySheet@@SGPAUCRuntimeClass@@XZ
?GetThisClass@CFlitePropertyPage@@SGPAUCRuntimeClass@@XZ
??0CAiOCommandLineInfo@@QAE@XZ
??1CAiOCommandLineInfo@@UAE@XZ
?ExitInstance@CCUEWinApp@@UAEHXZ
?ExpandString@CCUEWinApp@@QAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAUDIHPCUECtxDesc@@@Z
??0CCUEWinApp@@QAE@XZ
??1CCUEWinApp@@UAE@XZ
?GetThisMessageMap@CCUEWinApp@@KGPBUAFX_MSGMAP@@XZ
?GetDateAndTime@CCalendarDialog@@QAEXPAUtm@@@Z
??1CCalendarDialog@@UAE@XZ
?RepositionRelatedControls@CFliteDialog@@MAEXPAUCONTROL_MAP_ENTRY@@HKH@Z
?SetContextHelpLinkMap@CFliteDialog@@MAEXPBUtagTAPASLinkMapEntry@@@Z
?SetTAPASHelpLink@CFliteDialog@@MAEXK@Z
?SetBitmapPalette@CFliteDialog@@MAEXIPAUHINSTANCE__@@@Z
?OnInitDialog@CCalendarDialog@@MAEHXZ
?DoDataExchange@CCalendarDialog@@MAEXPAVCDataExchange@@@Z
?OnNotify@CCalendarDialog@@MAEHIJPAJ@Z
?OnCommand@CCalendarDialog@@MAEHIJ@Z
?GetMessageMap@CCalendarDialog@@MBEPBUAFX_MSGMAP@@XZ
?GetRuntimeClass@CCalendarDialog@@UBEPAUCRuntimeClass@@XZ
??0CPhoneNumberEdit@@QAE@H@Z
??0CCalendarDialog@@QAE@PAUDIHPCUECtxDesc@@IHHHHHHHHHHHHHHHHHHHHHHHPAVCWnd@@H@Z
??1CPhoneNumberEdit@@UAE@XZ
?RemoveSpecialCharacters@CPhoneNumberEdit@@QAEXXZ
?CreateCalendar@CCalendarDialog@@QAEHXZ
?SetDateAndTime@CCalendarDialog@@QAEXPA_J@Z
?SetCaption@CCalendarDialog@@QAEXPAD@Z
?AssignExitFocusPrevHwnd@CCalendarDialog@@QAEXPAUHWND__@@@Z
?AssignExitFocusNextHwnd@CCalendarDialog@@QAEXPAUHWND__@@@Z
?SetEnable@CCalendarDialog@@QAEXH@Z
?OnInitDialog@CFlitePropertyPage@@MAEHXZ
?AddBitmapWnd@CBitmapPaletteWnd@@SAPAV1@PAUHINSTANCE__@@PAVCWnd@@1IIW4ATTACH_STYLE@1@FF@Z
?GetThisMessageMap@CFlitePropertyPage@@KGPBUAFX_MSGMAP@@XZ
?OnHelp@CFlitePropertyPage@@IAEXXZ
?RepositionRelatedControls@CFlitePropertyPage@@MAEXPAUCONTROL_MAP_ENTRY@@HKH@Z
?SetContextHelpLinkMap@CFlitePropertyPage@@MAEXPBUtagTAPASLinkMapEntry@@@Z
?SetTAPASHelpLink@CFlitePropertyPage@@MAEXK@Z
?SetBitmapPalette@CFlitePropertyPage@@MAEXIPAUHINSTANCE__@@@Z
?OnSetActive@CFlitePropertyPage@@MAEHXZ
??0CFlitePropertyPage@@QAE@PAUDIHPCUECtxDesc@@IKPBUtagTAPASLinkMapEntry@@H@Z
??1CFlitePropertyPage@@UAE@XZ
kernel32
RemoveDirectoryA
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
HeapFree
GetCurrentDirectoryA
GetModuleHandleA
GetDiskFreeSpaceA
SetCurrentDirectoryA
FindResourceExA
GetComputerNameA
ReadFile
WaitForSingleObject
ReleaseMutex
GetPrivateProfileSectionNamesA
GlobalAlloc
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
lstrlenW
GlobalDeleteAtom
GlobalFindAtomA
InitializeCriticalSection
DeleteCriticalSection
GlobalAddAtomA
lstrlenA
CloseHandle
GetLastError
CreateMutexA
InterlockedDecrement
SizeofResource
LockResource
LoadResource
FindResourceA
LocalFree
MulDiv
LocalAlloc
GetTickCount
lstrcpyA
WriteFile
SetFilePointer
CreateFileA
OutputDebugStringA
GetCurrentThreadId
RaiseException
WritePrivateProfileStringA
GetPrivateProfileStringA
FormatMessageA
lstrcmpiA
GetVersion
GetPrivateProfileIntA
GetModuleFileNameA
FreeResource
WinExec
GetTempPathA
LocalReAlloc
LocalSize
LocalUnlock
GlobalLock
lstrcpynA
LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
CreateDirectoryA
GetFileAttributesA
GetShortPathNameA
DeleteFileA
LocalLock
FindClose
FindNextFileA
FindFirstFileA
GlobalFree
GlobalUnlock
user32
PostQuitMessage
MsgWaitForMultipleObjects
ShowWindow
wsprintfA
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
CreateWindowExA
RegisterClassA
LoadStringA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetClassNameA
GetWindow
CreateDialogIndirectParamA
GetWindowLongA
DefWindowProcA
SetWindowLongA
TranslateMessage
DispatchMessageA
PostMessageA
GetDC
ReleaseDC
IsWindow
SetWindowPos
SystemParametersInfoA
GetSystemMetrics
SetRect
IsWindowEnabled
LoadIconA
EnumWindows
SendMessageTimeoutA
SetForegroundWindow
GetLastActivePopup
SetActiveWindow
BringWindowToTop
IsIconic
RegisterWindowMessageA
GetDlgItem
GetWindowRect
ScreenToClient
MessageBoxA
SetCursor
LoadCursorA
EnableWindow
GetParent
RedrawWindow
SendMessageA
DrawFocusRect
InflateRect
SetRectEmpty
PeekMessageA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegSetValueExA
RegSetValueExW
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExW
ole32
CreateFileMoniker
CoGetInstanceFromFile
ProgIDFromCLSID
CoTaskMemFree
CreateBindCtx
StringFromGUID2
MkParseDisplayName
GetRunningObjectTable
CoUninitialize
CoInitialize
CoCreateInstance
shell32
SHGetPathFromIDListA
SHGetMalloc
SHCreateDirectoryExA
SHGetFolderPathA
SHBrowseForFolderA
oleaut32
VariantInit
VariantChangeType
VariantClear
VarBstrCmp
GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
VarBstrCat
SysFreeString
msvcr90
isxdigit
atol
strlen
strcpy
_mbsnbcpy_s
_recalloc
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
isdigit
_ltoa_s
_mbsicmp
_mbschr
toupper
_chdrive
_chdir
_getcwd
strcat_s
_mbscmp
memset
??_U@YAPAXI@Z
wcsncpy_s
atoi
wcscpy_s
_resetstkoflw
_beginthreadex
strcpy_s
malloc
iswctype
exit
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??2@YAPAXI@Z
_localtime64_s
memcpy_s
?terminate@@YAXXZ
_time64
_mktime64
__CxxFrameHandler3
_CxxThrowException
free
??3@YAXPAX@Z
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_setmbcp
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
__set_app_type
calloc
memmove_s
??_V@YAXPAX@Z
_except_handler4_common
mfc90
gdi32
GetDeviceCaps
GetStockObject
GetObjectA
GetTextMetricsA
SelectObject
CreateFontIndirectA
comctl32
_TrackMouseEvent
msvcp90
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
Exports
Sections
.text Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
@B� Size: 239KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE