Static task
static1
Behavioral task
behavioral1
Sample
ba6ab74e54a2d06a559c7105d84500df2bc963f6bddb2d3c5a16843de12e2421.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ba6ab74e54a2d06a559c7105d84500df2bc963f6bddb2d3c5a16843de12e2421.exe
Resource
win10v2004-20220901-en
General
-
Target
ba6ab74e54a2d06a559c7105d84500df2bc963f6bddb2d3c5a16843de12e2421
-
Size
56KB
-
MD5
0f3919a9cfe361c07f91008b03f8c860
-
SHA1
6e359e72ab1da220902c6d9c8bf8acb48f676afc
-
SHA256
ba6ab74e54a2d06a559c7105d84500df2bc963f6bddb2d3c5a16843de12e2421
-
SHA512
5a43e16498ba0e4caab46c75463e4b04f244cec637d835b5afc7e0b8a510fb44fec93b9968bb1bc8b06c7e81c0c9df96c5ece80926c54f9f522d74e9df48ad07
-
SSDEEP
1536:9w59AsNBOG+T1vOiGYxLn0IVHIDZ13xsFfXHs84g6i:9w59AeBOpT1vOgx5W1hsFfXHs9g6
Malware Config
Signatures
Files
-
ba6ab74e54a2d06a559c7105d84500df2bc963f6bddb2d3c5a16843de12e2421.exe windows x86
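b7a21c8bfe65e8d0280d9d75f37b83b3 (unlabeled in the report; it differs from the file MD5 above and is likely the PE import hash, to be confirmed before use as an indicator)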
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount
LocalAlloc
LocalFree
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetComputerNameA
GetLastError
FormatMessageA
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
InitializeCriticalSection
VirtualFree
VirtualAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
InterlockedExchangeAdd
user32
CharToOemA
OemToCharA
advapi32
OpenServiceA
GetNamedSecurityInfoA
SetEntriesInAclA
SetNamedSecurityInfoA
LsaOpenPolicy
LsaNtStatusToWinError
LookupAccountNameA
LsaClose
LsaEnumerateAccountRights
LsaFreeMemory
LsaAddAccountRights
ControlService
StartServiceA
DeleteService
CloseServiceHandle
QueryServiceConfigA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
msvcr71
__CxxFrameHandler
_purecall
??0exception@@QAE@XZ
_snprintf
?name@type_info@@QBEPBDXZ
__RTDynamicCast
??8type_info@@QBEHABV0@@Z
__RTtypeid
_vsnprintf
__security_error_handler
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
?terminate@@YAXXZ
fopen
fprintf
memmove
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
abort
??0exception@@QAE@ABQBD@Z
?what@exception@@UBEPBDXZ
wcscmp
strncat
strncpy
vprintf
exit
printf
_putch
fclose
_getch
Sections
.text Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE