Static task: static1
Behavioral task: behavioral1
Sample: cb4f31660138e75b02a5b681823038a2da0d3cbec30f8a5a39482612f34294f7.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: cb4f31660138e75b02a5b681823038a2da0d3cbec30f8a5a39482612f34294f7.exe
Resource: win10v2004-20220812-en
General
Target: cb4f31660138e75b02a5b681823038a2da0d3cbec30f8a5a39482612f34294f7
Size: 825KB
MD5: 21a40c0bcfac6796e60c15658034a3d2
SHA1: 68fe05d2d93ed17307628993f1f54bf5073290ee
SHA256: cb4f31660138e75b02a5b681823038a2da0d3cbec30f8a5a39482612f34294f7
SHA512: 0a8df349d28337063e2c8a86503b9c97a887100c2918eb6e268f0654d746dc436367c8e133263f44ebf8d2213e851a94afc893315842be9fb3a0a84b71b54220
SSDEEP: 24576:wYPg5h5fJ65XAqjWs8kUZAF+8s7/vI+DLrSgR:wYPgBfbqKTTZg+8s73I4
Malware Config
Signatures
Files
cb4f31660138e75b02a5b681823038a2da0d3cbec30f8a5a39482612f34294f7.exe windows x86
b42b9ce918972db35c85b705c1c88fba
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
olecli32
LeClone
GenRelease
ErrGetUpdateOptions
PbCreate
OleRename
OleObjectConvert
ErrExecute
OleDraw
ConnectDlgProc
OleQueryClientVersion
GenCopy
OleGetLinkUpdateOptions
GenEnumFormat
LeExecute
LeCopyFromLink
BmQueryBounds
PbCreateFromClip
LeEnumFormat
ErrSetHostNames
ErrSetBounds
MfQueryBounds
DefLoadFromStream
DefCreateLinkFromClip
OleSetColorScheme
MfRelease
OleQueryReleaseMethod
CheckNetDrive
OleQueryReleaseError
kernel32
InvalidateConsoleDIBits
GetSystemWow64DirectoryW
PrepareTape
GetLocaleInfoA
GetMailslotInfo
LoadLibraryW
DebugBreakProcess
SetConsoleInputExeNameA
LocalFree
GetCurrentThread
SetClientTimeZoneInformation
CreateJobObjectW
FillConsoleOutputCharacterA
GetProfileIntA
VerifyVersionInfoW
GlobalSize
RestoreLastError
UnregisterWait
TermsrvAppInstallMode
SetNamedPipeHandleState
DefineDosDeviceW
CreateFileW
SetSystemTime
GetConsoleAliasExesA
RequestWakeupLatency
GetFileAttributesExA
_hread
EnumDateFormatsExW
GetComputerNameExA
EnumResourceTypesW
SetComputerNameA
InitAtomTable
FlushConsoleInputBuffer
GetConsoleCP
PulseEvent
AddLocalAlternateComputerNameW
LoadLibraryExA
GetModuleHandleW
GetConsoleCursorMode
InterlockedExchange
Module32FirstW
SetProcessWorkingSetSize
dbghelp
omap
SearchTreeForFile
SymEnumerateModules
SymGetSymFromAddr
SymGetTypeFromName
SymRegisterCallback64
SymRegisterFunctionEntryCallback64
ExtensionApiVersion
SymGetSearchPath
SymGetModuleInfo
SymFindFileInPath
SymUnDName64
MakeSureDirectoryPathExists
SymEnumSym
EnumerateLoadedModules
SymGetSymFromName
SymGetLineFromAddr64
SymMatchFileName
FindExecutableImageEx
SymGetLineNext64
vc7fpo
SymEnumerateSymbolsW64
SymSetOptions
SymGetLineFromAddr
FindDebugInfoFile
user32
GetKeyboardState
SwapMouseButton
PrivateExtractIconExA
DrawStateA
WinHelpA
OemKeyScan
CalcMenuBar
OemToCharW
SetMessageQueue
DdeImpersonateClient
GetClientRect
GetClipboardFormatNameW
crtdll
_searchenv
_umask
_osversion_dll
_ismbckata
asctime
_CIsin
_mbcjistojms
_CIpow
perror
_fpclass
_mbstrlen
abs
_chdir
is_wctype
Sections
.text Size: 383KB - Virtual size: 383KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 181KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 121KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ