Static task: static1
Behavioral task: behavioral1
Sample: c1ded91dec598403e4972ee5358f81ee0537df3c658489640b8464357fd26f22.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: c1ded91dec598403e4972ee5358f81ee0537df3c658489640b8464357fd26f22.exe
Resource: win10v2004-20220812-en
General
Target: c1ded91dec598403e4972ee5358f81ee0537df3c658489640b8464357fd26f22
Size: 1004KB
MD5: 04a2a1289c36451571ffdae2fafe3e70
SHA1: 3f8b859586a27e8378204ec88ec6d24e522c764d
SHA256: c1ded91dec598403e4972ee5358f81ee0537df3c658489640b8464357fd26f22
SHA512: 7de8370f15533fffc5f4a8f32735e854e8039249270094f59a01a3a672938d1fd4152f7473cb3a87ddfc4186663244026f1ac1c5f55ef459ff464f2f86592942
SSDEEP: 24576:6qq7CicB7rcv9EMNoIztqZjQtwvHMwbwF46U846PaGg:6hHveM6IztKcaHMwbwF46U8zaR
Files
c1ded91dec598403e4972ee5358f81ee0537df3c658489640b8464357fd26f22.exe windows x86
d6e91bd4f6167b8558efd4914a1235f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateDirectoryA
GetPrivateProfileStringA
OutputDebugStringA
GetTickCount
DeleteFileA
RemoveDirectoryA
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
EnterCriticalSection
LeaveCriticalSection
MulDiv
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcess
GetModuleFileNameA
LoadLibraryA
FreeLibrary
VirtualQuery
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadPriority
GetCurrentThread
InitializeCriticalSection
DeleteCriticalSection
FindClose
FindFirstFileA
Sleep
FindNextFileA
GetVersionExA
IsBadWritePtr
GetLastError
GetCurrentThreadId
SetErrorMode
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetModuleHandleA
CreateMutexA
GetCommandLineA
CloseHandle
InterlockedIncrement
InterlockedDecrement
GetFileTime
CreateFileA
WideCharToMultiByte
GetLocaleInfoA
RaiseException
RtlUnwind
IsBadReadPtr
GetSystemTimeAsFileTime
GetStartupInfoA
ExitProcess
HeapFree
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
HeapReAlloc
HeapAlloc
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
TerminateProcess
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
ReadFile
WriteFile
TlsFree
SetLastError
TlsAlloc
HeapSize
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcessId
VirtualAlloc
FlushFileBuffers
SetFilePointer
VirtualProtect
GetSystemInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadCodePtr
SetStdHandle
GetACP
GetOEMCP
SetCurrentDirectoryA
advapi32
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyA
winmm
mixerGetLineControlsA
timeGetTime
timeBeginPeriod
mixerClose
mixerGetControlDetailsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerSetControlDetails
timeEndPeriod
wsock32
select
WSACleanup
closesocket
htons
recv
send
WSAGetLastError
gethostbyname
ioctlsocket
connect
__WSAFDIsSet
WSAStartup
inet_ntoa
socket
user32
GetDC
DrawTextExA
OffsetRect
MoveWindow
GetWindowRect
SystemParametersInfoA
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
DefWindowProcA
EndPaint
DrawTextA
FillRect
BeginPaint
SetFocus
GetFocus
GetWindowLongA
MessageBoxA
AdjustWindowRect
GetDesktopWindow
DestroyWindow
GetWindowTextA
ShowWindow
SendMessageA
SetTimer
ReleaseDC
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
GetSysColor
SetWindowTextA
GetSysColorBrush
SetCursor
ScreenToClient
GetCursorPos
CloseClipboard
SetClipboardData
OpenClipboard
ReleaseCapture
SetCapture
WindowFromPoint
PeekMessageA
GetClipboardData
GetWindowPlacement
CloseWindow
SetForegroundWindow
GetSystemMetrics
CreateCursor
PostMessageA
RegisterWindowMessageA
DestroyCursor
GetClientRect
ClientToScreen
SetWindowLongA
gdi32
GetObjectA
CreateFontIndirectA
SelectObject
CreateSolidBrush
SetBkMode
IntersectClipRect
SetTextColor
TextOutA
GetDeviceCaps
CreateFontA
GetTextMetricsA
DeleteObject
shell32
ShellExecuteA
ole32
CoCreateInstance
CoInitialize
oleaut32
SysAllocString
SysFreeString
Sections
.text Size: 784KB - Virtual size: 780KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ