Static task: static1
Behavioral task: behavioral1
Sample: da8ab24746a5fc05e5fee05fd7cb209c610af3bec38f14e12b758e5750dfa1f5.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: da8ab24746a5fc05e5fee05fd7cb209c610af3bec38f14e12b758e5750dfa1f5.exe
Resource: win10v2004-20220812-en
General
Target: da8ab24746a5fc05e5fee05fd7cb209c610af3bec38f14e12b758e5750dfa1f5
Size: 3.0MB
MD5: 88e1f2503987ba418688213392f6b15a
SHA1: cb2980cc50afceff1bfdd877e87643889ce15bcf
SHA256: da8ab24746a5fc05e5fee05fd7cb209c610af3bec38f14e12b758e5750dfa1f5
SHA512: 6a1325e8841154d1dcb80f2ea062acafe0ccb8c24649f3ae27ea21225d1c3d3a8f0b83ed4536bbd4dff15c99c9ffd47055303810b7a84f4bd3981b4cc9a58a1b
SSDEEP: 49152:y9rtmuEGhlaI6PBq+BGJgbqnmZaxwG85U4a9bLgCkDbafowivm4q7ueVVRJIwztz:ihj6PBqeGJyqm8wGZ4aMDbaQwBuejPxz
Malware Config
Signatures
Files
da8ab24746a5fc05e5fee05fd7cb209c610af3bec38f14e12b758e5750dfa1f5.exe windows x86
2d1f288c95b333039cd27c7f6c5bf0b3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msimg32
GradientFill
kernel32
CreateFileA
WriteFile
GetLastError
CreateMutexA
WritePrivateProfileStringA
GetFileAttributesA
FindFirstFileA
FindNextFileA
OutputDebugStringA
DeleteFileA
RemoveDirectoryA
FindClose
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
SetFileTime
ReadFile
GetFileType
GetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetACP
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
GetStringTypeW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
LoadLibraryW
InitializeCriticalSectionAndSpinCount
HeapCreate
IsProcessorFeaturePresent
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
SetLastError
TlsFree
WideCharToMultiByte
MultiByteToWideChar
LockResource
SizeofResource
LoadResource
FreeResource
FindResourceA
CloseHandle
WinExec
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
GetPrivateProfileStringA
SetFileAttributesA
CreateDirectoryA
TerminateProcess
Sleep
OpenProcess
GetCurrentProcess
FlushFileBuffers
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
RtlUnwind
GetCPInfo
RaiseException
InterlockedIncrement
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleW
GetProcAddress
HeapFree
GetCurrentThreadId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
InterlockedExchange
InterlockedDecrement
user32
DispatchMessageA
GetSystemMetrics
WindowFromDC
ShowWindow
SetLayeredWindowAttributes
SetWindowPos
LoadImageA
InvalidateRect
TranslateMessage
BeginPaint
SendMessageA
GetClientRect
LoadBitmapA
DrawTextA
KillTimer
PostQuitMessage
CreateDialogParamA
GetWindowRect
SetTimer
GetMessageA
DestroyWindow
MoveWindow
EndPaint
UpdateWindow
FindWindowA
GetDlgCtrlID
GetDlgItem
PostMessageA
wvsprintfA
gdi32
SetBkMode
BitBlt
SetTextColor
DeleteDC
GetStockObject
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
advapi32
OpenProcessToken
RegOpenKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
shell32
SHGetSpecialFolderLocation
SHCreateDirectoryExA
SHGetPathFromIDListA
ole32
CoCreateInstance
CoInitialize
CoTaskMemFree
gdiplus
GdiplusStartup
shlwapi
PathStripPathA
psapi
EnumProcesses
GetModuleFileNameExA
EnumProcessModules
Sections
.text Size: 195KB - Virtual size: 195KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.7MB - Virtual size: 4.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ