Static task: static1
Behavioral task: behavioral1
Sample: a9f97b8d7db5e349c9f777e1cb13fcacce00866e9a26646f49de1eb8e1acb5e6.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a9f97b8d7db5e349c9f777e1cb13fcacce00866e9a26646f49de1eb8e1acb5e6.exe
Resource: win10v2004-20220812-en
General
Target: a9f97b8d7db5e349c9f777e1cb13fcacce00866e9a26646f49de1eb8e1acb5e6
Size: 299KB
MD5: 836aed45367774c9091eb4bde1abbfd0
SHA1: 15ee53c7809731e880ac0b4189b416243b6bdda2
SHA256: a9f97b8d7db5e349c9f777e1cb13fcacce00866e9a26646f49de1eb8e1acb5e6
SHA512: 9dd7ba9edac0ef1c5cd4a69ea22ca46f3dcebc6e60a1c328d6edb2cce505504443c525db9e3065ac3040d5dff54363fd83564b5c107ad8e8ddc87f2b39d8fcc4
SSDEEP: 6144:cyRhc6e9EtCj8IT9jSH5OEKxSueCYERgqQ/6XDpKCcqozQmypxc+:c0hc6e9EtCYIJGH5OXSsFC/ElKCcLQmk
Malware Config
Signatures
Files
a9f97b8d7db5e349c9f777e1cb13fcacce00866e9a26646f49de1eb8e1acb5e6.exe windows x86
6cb33f15b4a88b2806815fbed355cae4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
FindAtomW
GetStartupInfoA
GetStringTypeW
GetLogicalDrives
VirtualProtectEx
DeleteFileW
ReadConsoleA
PulseEvent
GetPrivateProfileSectionA
GetDriveTypeA
LoadLibraryW
Sleep
ReadConsoleA
lstrlenA
SearchPathA
GetLastError
HeapSize
ReleaseMutex
TlsGetValue
CloseHandle
ReadConsoleA
uxtheme
CloseThemeData
DrawThemeEdge
GetThemeTextExtent
GetThemeBool
OpenThemeData
CloseThemeData
GetThemeColor
GetThemeSysSize
GetWindowTheme
DrawThemeBackground
IsThemeActive
SetWindowTheme
GetThemeTextMetrics
gpedit
DllCanUnloadNow
BrowseForGPO
DllGetClassObject
ExportRSoPData
Sections
.text Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 320B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.import Size: 512B - Virtual size: 289B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.orpc Size: 512B - Virtual size: 136B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE