Static task: static1
Behavioral task: behavioral1
Sample: 90890b30ccd61c693145d5bba8d0b4a6998e3083803fa2abbe437efbedf56394.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 90890b30ccd61c693145d5bba8d0b4a6998e3083803fa2abbe437efbedf56394.exe
Resource: win10v2004-20220812-en
General
Target: 90890b30ccd61c693145d5bba8d0b4a6998e3083803fa2abbe437efbedf56394
Size: 42KB
MD5: 923d36cda5dab0b9130a3bf831c24e80
SHA1: 2c70428a6caac56e06f7813b0ce68e243b80c18e
SHA256: 90890b30ccd61c693145d5bba8d0b4a6998e3083803fa2abbe437efbedf56394
SHA512: d84d19da77805333408e30f0a107cf851f4fe297562aadc085b321fac1bdeca6fa8ca6256054b9bbd77985427116f5986d6198985a1cdc573b1e7b538bbbb321
SSDEEP: 768:090OGZSxhMjy2vGf67TuZBg3o7AZLRmgfGskmrUWFmOo3QxZg/urLV1Em:0iBjy2vGf64Bg47AZQgFrUCo3Q/uur5Z
Malware Config
Signatures
Files
90890b30ccd61c693145d5bba8d0b4a6998e3083803fa2abbe437efbedf56394.exe windows x86
2a5aae458fc0d4b12c3c293f26469545
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
LocalFree
GetLastError
LocalAlloc
FormatMessageW
SetThreadUILanguage
GetConsoleOutputCP
WideCharToMultiByte
GetProcessHeap
HeapAlloc
GetStdHandle
WriteFile
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
msvcrt
_amsg_exit
_iob
fwprintf
_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_wsetlocale
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_wtoi
wcsstr
memset
_vsnwprintf
wprintf
_wcsicmp
ntdll
RtlGUIDFromString
RtlNtStatusToDosError
user32
LoadStringW
vaultcli
VaultCreateVault
VaultGetItemType
VaultSetInformation
VaultEnumerateItems
VaultRemoveItem
VaultAddItem
VaultCloseVault
VaultLockVault
VaultFree
VaultGetInformation
VaultOpenVault
VaultUnlockVault
VaultEnumerateVaults
VaultLoadVaults
VaultUnloadVaults
VaultCopyVault
VaultEnumerateItemTypes
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE