Static task: static1
Behavioral task: behavioral1
Sample: 3681092454ac769a93f5708bb0e16b447409223f58a7e062bd509bb9afd94f53.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3681092454ac769a93f5708bb0e16b447409223f58a7e062bd509bb9afd94f53.exe
Resource: win10v2004-20220812-en
General
Target: 3681092454ac769a93f5708bb0e16b447409223f58a7e062bd509bb9afd94f53
Size: 1.3MB
MD5: 31c3759bb276270dabc44d0cbef29f29
SHA1: 5fc284f4cf113a2338dc02eb434c05c3197e0585
SHA256: 3681092454ac769a93f5708bb0e16b447409223f58a7e062bd509bb9afd94f53
SHA512: eee766d45402bef1297b9a2726bbf6831ede61bd7cf07309de263db87dd5d96fe1b7bf36c262ec59d44000ac13e5bf0fd023e103cbe033881a1c0b7fbe10c295
SSDEEP: 24576:YnHoRQNnFUFV1zUQUTUSnBE+pZ8TrIbogqiHAlpA7AH/3tB8bbmjJYyzZVS:0IROFkU7rBE+vUIbLNg7j/Ubbk5S
Malware Config
Signatures
Files
3681092454ac769a93f5708bb0e16b447409223f58a7e062bd509bb9afd94f53.exe windows x86
08c431ac5f6f19955321b9378b4e4bd6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLogicalDrives
CreateNamedPipeA
DeleteTimerQueue
DeviceIoControl
SetFileAttributesA
WriteProcessMemory
ReadConsoleOutputA
GetDiskFreeSpaceExA
CommConfigDialogA
GlobalAddAtomA
CreateProcessA
RtlMoveMemory
GetDiskFreeSpaceA
GetLogicalDriveStringsA
VirtualAllocEx
FindNextVolumeMountPointW
GetAtomNameA
DebugBreak
HeapFree
VirtualQuery
GetComPlusPackageInstallStatus
GetPrivateProfileSectionNamesW
OpenMutexA
SetFileAttributesA
SetConsoleCursorPosition
RegisterWaitForSingleObjectEx
ReadConsoleInputA
GetLastError
SizeofResource
IsBadHugeReadPtr
OpenEventA
WriteConsoleOutputAttribute
GetWindowsDirectoryA
DefineDosDeviceA
GetComputerNameA
OpenEventA
dpmodemx
SPInit
advapi32
CredFree
user32
ReasonCodeNeedsComment
CloseDesktop
CharLowerBuffA
SendIMEMessageExA
CreateDesktopA
SetThreadDesktop
SendMessageTimeoutA
GetFocus
RegisterLogonProcess
GetTaskmanWindow
SetSysColorsTemp
SetProgmanWindow
CreateIconIndirect
GetWindow
CallWindowProcA
CharToOemBuffA
GetUpdateRgn
FrameRect
CharToOemA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 710KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 312KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ