Static task
static1
Behavioral task
behavioral1
Sample
681c6c0b7c2a7358e0d85d7a4b6b944b5d2914df7e49932151a27863946822b7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
681c6c0b7c2a7358e0d85d7a4b6b944b5d2914df7e49932151a27863946822b7.exe
Resource
win10v2004-20220812-en
General
-
Target
681c6c0b7c2a7358e0d85d7a4b6b944b5d2914df7e49932151a27863946822b7
-
Size
156KB
-
MD5
109f9500ce7007febec19ac66a95c5de
-
SHA1
c393ce2615ab89061f11d6ce878f6f01d9ea8563
-
SHA256
681c6c0b7c2a7358e0d85d7a4b6b944b5d2914df7e49932151a27863946822b7
-
SHA512
59e59612f9b67676a08d3f3a5b38af7216578a7135dc06d4182c1221469b8fa1ee2493d0db159b25e08259c1a2104e239b1d4c3c8fc0973fe5d9c7dff52e3752
-
SSDEEP
3072:wn2Cyjbg7E8Ny1PkZSkNcNyXUKB3dplTbbrVC+oK/3+JaaK+yAr9E3Tv:opToAONcUK/LfrM+h/u7M
Malware Config
Signatures
Files
-
681c6c0b7c2a7358e0d85d7a4b6b944b5d2914df7e49932151a27863946822b7.exe windows x86
0ee5b227e58fe935a374b04b3a9dd5f4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc71
ord300
ord3850
ord675
ord382
ord442
ord745
ord557
ord1254
ord386
ord2280
ord2288
ord3931
ord2751
ord1440
ord631
ord5715
ord556
ord5097
ord5346
ord1452
ord744
ord262
ord259
ord5491
ord4108
ord5529
ord4109
ord5419
ord2131
ord2272
ord911
ord5563
ord3997
ord304
ord2322
ord2933
ord299
ord1489
ord305
ord784
ord558
ord1005
ord297
ord1207
ord746
ord1486
ord3019
ord5466
ord423
ord660
ord663
ord5430
ord781
ord1482
ord4063
ord1115
ord3022
ord5469
ord4066
ord426
ord3236
ord869
ord866
ord310
ord1054
ord334
ord5119
ord593
ord1917
ord762
ord2248
ord757
ord566
ord3333
ord4261
ord4481
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord2537
ord5566
ord5213
ord5230
ord4568
ord3948
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord1084
ord3683
ord4541
ord6286
ord5320
ord6297
ord5331
ord1580
ord370
ord530
ord722
ord618
ord1072
ord314
ord578
ord764
ord265
ord266
ord2346
ord3255
ord5714
ord1185
ord5712
ord1187
ord1191
msvcr71
_controlfp
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
__dllonexit
?terminate@@YAXXZ
_setmbcp
malloc
free
_resetstkoflw
_except_handler3
memset
memcpy
__CxxFrameHandler
memcmp
exit
_beginthreadex
_purecall
wcsncpy
realloc
_itoa
sprintf
_strdup
qsort
isdigit
_atoi64
_vsnprintf
_onexit
kernel32
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
lstrcatA
GetModuleFileNameA
lstrcpyA
lstrcpynA
ResumeThread
Sleep
SetEvent
WaitForSingleObject
CloseHandle
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetProcAddress
IsBadReadPtr
LeaveCriticalSection
EnterCriticalSection
lstrlenA
lstrlenW
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
GetModuleHandleA
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetStartupInfoA
ExitProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
CreateEventA
SetCurrentDirectoryA
ReleaseMutex
GetTickCount
CreateMutexA
SetCommState
GetCommState
SetCommTimeouts
CreateFileA
GetOverlappedResult
WaitForMultipleObjects
WriteFile
ReadFile
MulDiv
MapViewOfFile
OpenFileMappingA
GetCurrentProcessId
CreateFileMappingA
CreateThread
GetLocalTime
OutputDebugStringA
DeleteFileA
CreateDirectoryA
WideCharToMultiByte
user32
CharNextA
advapi32
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
shlwapi
PathFindExtensionA
ole32
StringFromGUID2
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
oleaut32
SysAllocString
VariantClear
VariantInit
SysFreeString
UnRegisterTypeLib
RegisterTypeLib
VarUI4FromStr
LoadRegTypeLib
SysStringLen
LoadTypeLib
Sections
.text Size: 56KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.erdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE