Static task
static1
Behavioral task
behavioral1
Sample
9443fa6c3dd3a4ce0d8a29fabb09699cd8c4984c3fa8235860df0f007c70d071.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
9443fa6c3dd3a4ce0d8a29fabb09699cd8c4984c3fa8235860df0f007c70d071.exe
Resource
win10v2004-20220901-en
General
-
Target
9443fa6c3dd3a4ce0d8a29fabb09699cd8c4984c3fa8235860df0f007c70d071
-
Size
28KB
-
MD5
829a00e333af9958cce8c2f36d60641c
-
SHA1
451ef80394e43010456ae4424d223abef02cb978
-
SHA256
9443fa6c3dd3a4ce0d8a29fabb09699cd8c4984c3fa8235860df0f007c70d071
-
SHA512
b547adc248063f849089b836532f7ee925bf38f3dcf23831d5150b4785eb0c50b475caeee951596909d624b439c19e26323ac5f446f71242f58c0493cba35e20
-
SSDEEP
768:9xu+APGi5QhFhCYmvBZ2yzVV/NEFkz516E+fk2a4N:zVAPGwQofvBZ2yzjFGK51d+f
Malware Config
Signatures
Files
-
9443fa6c3dd3a4ce0d8a29fabb09699cd8c4984c3fa8235860df0f007c70d071.exe windows x86
4682193edd63bca75176f71808b5eca5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
swprintf
wcslen
wcscat
wcscpy
_stricmp
strncpy
RtlInitUnicodeString
ObfDereferenceObject
ZwClose
ZwOpenKey
strncmp
_strnicmp
RtlCopyUnicodeString
_itow
_wcsnicmp
MmGetSystemRoutineAddress
IofCompleteRequest
ExFreePool
_snprintf
ExAllocatePoolWithTag
RtlAnsiStringToUnicodeString
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 832B - Virtual size: 826B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ