Static task: static1
Behavioral task: behavioral1
Sample: ebd1c3a711a8476fa8b57edc83941099158d7830759d80c1f872d47807c327b3.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: ebd1c3a711a8476fa8b57edc83941099158d7830759d80c1f872d47807c327b3.exe
Resource: win10v2004-20220812-en
General
Target: ebd1c3a711a8476fa8b57edc83941099158d7830759d80c1f872d47807c327b3
Size: 635KB
MD5: 83031c1313ce9aefe2200dd169757136
SHA1: 3f14333786d2f9c2b32ce96e6478752818a8f8eb
SHA256: ebd1c3a711a8476fa8b57edc83941099158d7830759d80c1f872d47807c327b3
SHA512: 1e528963093eb177b19042cc01b433177e76bcdac884a10a2d493ee25e35e01b6209fd75423c6c9f0c3892839ac2adcb4fda1ddc29a8f1f1104739f557a7c229
SSDEEP: 12288:oK1yx+Ptle/sE8YU9oHfeddL9sE/c1iLzHqpKJf/RTYDxhOPsquLcd2QhW1Q8I5F:oK1l0s+L/eddL9sQcwXHqAJ3RTYDxhOR
Malware Config
Signatures
Files
ebd1c3a711a8476fa8b57edc83941099158d7830759d80c1f872d47807c327b3.exe windows x86
25f2006f04fdbf6a89718497a2bec7db
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileSize
WriteFile
FlushFileBuffers
GetCommandLineW
lstrlenA
GetCurrentThreadId
ResetEvent
FlushInstructionCache
RaiseException
WaitForMultipleObjects
MulDiv
GlobalHandle
TerminateThread
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetUserDefaultLangID
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetSystemTimeAsFileTime
HeapReAlloc
GetLocalTime
RtlUnwind
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
DeleteCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetACP
GetOEMCP
LCMapStringA
HeapSize
LoadLibraryA
SetLastError
GetConsoleMode
GetStringTypeA
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetTimeZoneInformation
CreateFileA
CompareStringA
SetEnvironmentVariableA
GetThreadLocale
InterlockedCompareExchange
IsProcessorFeaturePresent
GetWindowsDirectoryA
GetSystemDirectoryA
UnmapViewOfFile
LeaveCriticalSection
GetLastError
MapViewOfFile
EnterCriticalSection
InitializeCriticalSection
SizeofResource
LockResource
LoadResource
Sleep
SetEvent
CreateThread
GetExitCodeProcess
WaitForSingleObject
CloseHandle
FreeLibrary
SetFilePointer
GlobalAlloc
LocalFree
LocalAlloc
GetDriveTypeA
GetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
ResumeThread
ExitThread
SetEndOfFile
FindClose
DuplicateHandle
GetSystemDefaultLCID
ReleaseMutex
GetTickCount
GetCurrentThread
GetConsoleCP
GetCurrentProcess
GlobalUnlock
ReadFile
GlobalLock
GlobalFree
GlobalReAlloc
TerminateProcess
gdi32
CreateCompatibleBitmap
GetDeviceCaps
SetBkMode
SetTextColor
SetBkColor
CreateSolidBrush
SetDIBitsToDevice
PatBlt
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBitmap
RealizePalette
SelectPalette
GetStockObject
CreatePalette
DeleteObject
user32
MapDialogRect
UnregisterClassA
KillTimer
SetTimer
GetDlgItem
DestroyWindow
GetWindow
GetParent
ClientToScreen
MoveWindow
SetCapture
SetWindowContextHelpId
DestroyIcon
DestroyAcceleratorTable
BeginPaint
GetDC
ReleaseDC
MsgWaitForMultipleObjects
FillRect
GetSystemMetrics
EndDialog
ExitWindowsEx
GetFocus
SetFocus
EnableMenuItem
GetSystemMenu
ReleaseCapture
InvalidateRgn
GetActiveWindow
ScreenToClient
PtInRect
GetCursorPos
PostQuitMessage
IsDlgButtonChecked
GetSysColorBrush
InvalidateRect
SetCursor
DrawFocusRect
GetCursor
ShowWindow
IsWindow
GetClientRect
SetWindowPos
EndPaint
IsChild
TranslateMessage
GetSysColor
RedrawWindow
GetWindowRect
MapWindowPoints
GetDesktopWindow
comctl32
_TrackMouseEvent
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx
shell32
SHGetSpecialFolderLocation
SHGetDesktopFolder
ole32
CoTaskMemRealloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleLockRunning
StringFromGUID2
CoTaskMemAlloc
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoGetClassObject
oleaut32
VariantClear
SysAllocStringLen
VarUI4FromStr
VarBstrCmp
SysStringLen
VariantInit
SysFreeString
SysAllocString
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
imm32
ImmAssociateContext
ImmReleaseContext
ImmGetContext
shlwapi
PathCombineW
PathRemoveBlanksW
PathAddBackslashW
PathRemoveBackslashW
PathCanonicalizeW
PathStripToRootW
PathIsRootW
setupapi
SetupIterateCabinetW
Sections
.text Size: 576KB - Virtual size: 575KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE