Static task: static1
Behavioral task: behavioral1
Sample: 38f07727f3033a7c76945fa9b32af15528e7b4ca8dc368da1ea9aea998bb4c20.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 38f07727f3033a7c76945fa9b32af15528e7b4ca8dc368da1ea9aea998bb4c20.exe
Resource: win10v2004-20220812-en
General
Target: 38f07727f3033a7c76945fa9b32af15528e7b4ca8dc368da1ea9aea998bb4c20
Size: 892KB
MD5: 0995c263223ae74086fcb12d5cb13350
SHA1: babcfb696df71bbd23b41cc291652e1148d6fe45
SHA256: 38f07727f3033a7c76945fa9b32af15528e7b4ca8dc368da1ea9aea998bb4c20
SHA512: b7f016b9678a23c30b0853caa4ca9719f7841e9838e99672d2315199489d93aadc611397aa667ff1130853a450496725aa79ad378e080981a3dfe633f8f4b68a
SSDEEP: 12288:U/ZuygqokoZBH7GA1ejEE9frRVNrGkPg5F3TC7pQalVXiho5Ycu4ya:Uhu1BfbGTxn3eF3TClQopiho5H
Malware Config
Signatures
Files
38f07727f3033a7c76945fa9b32af15528e7b4ca8dc368da1ea9aea998bb4c20.exe windows x86
b573454d62a51a0c1b2dd50a73d434c5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
MoveFileW
SetWaitableTimer
MoveFileExA
LocalShrink
InterlockedIncrement
InterlockedDecrement
lstrcatA
FindFirstVolumeMountPointW
SetVolumeMountPointW
EnumSystemLanguageGroupsA
SetCurrentDirectoryW
HeapAlloc
LoadModule
SetCalendarInfoA
GetStartupInfoA
_lopen
FreeResource
SetThreadIdealProcessor
FreeEnvironmentStringsA
ExitProcess
GetProfileIntA
FindResourceExA
OpenFileMappingA
GetPrivateProfileSectionW
SystemTimeToTzSpecificLocalTime
CreateEventA
OpenFile
GetPrivateProfileStructA
DefineDosDeviceW
RtlUnwind
user32
FillRect
ReleaseDC
GetWindowRect
MessageBoxW
GetSysColor
GetWindow
DdeCreateStringHandleW
SetCursor
GetDesktopWindow
UpdateWindow
MoveWindow
GetSysColorBrush
SetWindowPos
GetNextDlgTabItem
InvalidateRect
PostMessageW
GetWindowTextW
GetDC
CharNextW
IsWindow
ShowWindow
EnableWindow
DestroyWindow
EndDialog
GetDlgItem
GetActiveWindow
SetDlgItemTextW
GetFocus
GetWindowTextLengthW
GetScrollInfo
EndPaint
SetScrollInfo
CloseWindow
GetMenuState
advapi32
RegCreateKeyExW
RegSetValueW
RegDeleteValueW
RegEnumKeyW
RegCloseKey
RegRestoreKeyW
RegUnLoadKeyW
RegLoadKeyW
RegEnumValueW
RegCreateKeyW
LookupPrivilegeValueW
RegSetValueExA
RegConnectRegistryW
AdjustTokenPrivileges
RegFlushKey
Sections
.text Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 307KB - Virtual size: 766KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 302KB - Virtual size: 302KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 476B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE