Static task
static1
Behavioral task
behavioral1
Sample
d24a591e8cd6885bfe827a3d556747ce27038dadfac8d9e2c30d8c84d8631829.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d24a591e8cd6885bfe827a3d556747ce27038dadfac8d9e2c30d8c84d8631829.exe
Resource
win10v2004-20220812-en
General
Target
d24a591e8cd6885bfe827a3d556747ce27038dadfac8d9e2c30d8c84d8631829
Size
288KB
MD5
a2fbd0048ca48fdcd9a43e8e494c52ca
SHA1
c017d48ebe050dd05c6b7368fcb0027ba3104642
SHA256
d24a591e8cd6885bfe827a3d556747ce27038dadfac8d9e2c30d8c84d8631829
SHA512
cad91f6f590968d6d088936766235bbfb48ba918e7ed509159905ed877575d3d8429e576e89bb124d4354fba5bc44d56190c50db36979a755dc05518fd21b2a2
SSDEEP
6144:Hbr7qPEEB4/RqmVsQEx216Yg+BXQ7T8sOn:7rmMK4/gDQED+B+IsOn
Malware Config
Signatures
Files
d24a591e8cd6885bfe827a3d556747ce27038dadfac8d9e2c30d8c84d8631829.exe windows x86
2a16f0bb709078d8c77cff8b703ee6fb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
modemui
CountryRunOnce
drvSetDefaultCommConfigA
drvGetDefaultCommConfigA
qutil
AllocFixupInfo
FreeSoH
FreeFixupInfo
AllocConnections
FreeConnections
shell32
DllUnregisterServer
FindExecutableA
DragAcceptFiles
SHGetDiskFreeSpaceA
SHGetDesktopFolder
ShellMessageBoxA
SHGetMalloc
DuplicateIcon
SHFree
DragFinish
StrChrA
SHCreateShellItem
ShellAboutA
ExtractIconA
SHChangeNotify
SHGetDataFromIDListA
user32
IsDialogMessageW
GetMessageW
DispatchMessageW
wsprintfA
GetDlgItemTextW
IsCharLowerW
LoadMenuW
LoadIconA
CreateDesktopW
GetClassLongA
LoadBitmapA
FlashWindow
PeekMessageW
InsertMenuA
GetPropA
DialogBoxParamA
DrawStateA
kernel32
VirtualProtect
LoadLibraryW
ReadFile
CompareStringA
WriteConsoleW
GetDriveTypeA
GetModuleHandleA
FormatMessageA
HeapSize
HeapAlloc
GetEnvironmentVariableA
GetCurrentDirectoryA
CreateDirectoryA
GetCommandLineA
SleepEx
GetNumberFormatW
wtsapi32
WTSEnumerateSessionsW
WTSOpenServerW
WTSVirtualChannelClose
WTSUnRegisterSessionNotification
WTSVirtualChannelOpen
WTSSendMessageA
WTSVirtualChannelWrite
WTSFreeMemory
WTSVirtualChannelQuery
WTSVirtualChannelRead
WTSEnumerateServersA
WTSEnumerateProcessesA
WTSRegisterSessionNotification
ctl3d32
Ctl3dUnregister
Ctl3dCtlColor
Ctl3dEnabled
Ctl3dRegister
cfgmgr32
CMP_Report_LogOn
CM_Add_Range
CM_Add_Empty_Log_Conf
Sections
.text Size: 208KB - Virtual size: 204KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ