Static task: static1
Behavioral task: behavioral1
Sample: a811953cc4d01e73169c32e3175f702c771e036fcacadb394bb494019fa6d9af.exe
Resource: win7-20220812-en
General
Target: a811953cc4d01e73169c32e3175f702c771e036fcacadb394bb494019fa6d9af
Size: 96KB
MD5: 0e95679b6d1f9104fa658cc0f13df970
SHA1: 22e5cde10b200c2e7e40c9fe2b10176109e157c4
SHA256: a811953cc4d01e73169c32e3175f702c771e036fcacadb394bb494019fa6d9af
SHA512: d5ed8c763a191438d1f60c373a0b95a87dff6cf3322b02a4ebd4fa53f9e7cfddf1097742daeae7bc675267344326d7271d7f1c9718c264b60452a65e51f4c1d7
SSDEEP: 1536:n+cZTB5RzoAh0onfg34O0mom9lX/XEJ2nAMxtgZ7ErYqZ13AYAkYVeQI2Gc:tBOonfg3r19tfEJWXtgFIN1QYBA/R
Files
a811953cc4d01e73169c32e3175f702c771e036fcacadb394bb494019fa6d9af.exe windows x86
57152c43cbe3e770cca4ecbccc2d00e3
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  GetVersionExA
  GetPrivateProfileStringA
  LCMapStringW
  LCMapStringA
  GetModuleFileNameA
  SetCurrentDirectoryA
  WinExec
  CreateProcessA
  GetStringTypeA
  WaitForSingleObject
  GetModuleHandleA
  GetStartupInfoA
  GetCommandLineA
  GetVersion
  ExitProcess
  TerminateProcess
  GetCurrentProcess
  UnhandledExceptionFilter
  FreeEnvironmentStringsA
  FreeEnvironmentStringsW
  WideCharToMultiByte
  GetEnvironmentStrings
  GetEnvironmentStringsW
  SetHandleCount
  GetStdHandle
  GetFileType
  GetEnvironmentVariableA
  HeapDestroy
  HeapCreate
  VirtualFree
  HeapFree
  RtlUnwind
  WriteFile
  GetCPInfo
  GetACP
  GetOEMCP
  HeapAlloc
  VirtualAlloc
  HeapReAlloc
  GetProcAddress
  LoadLibraryA
  MultiByteToWideChar
  GetStringTypeW
user32
  wsprintfA
  CharUpperA
advapi32
  RegEnumKeyExA
  RegQueryValueExA
  RegOpenKeyExA
  RegCloseKey
  RegQueryInfoKeyA
Sections
.text Size: 16KB - Virtual size: 15KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 10KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rmnet Size: 60KB - Virtual size: 60KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE