Static task: static1
Behavioral task: behavioral1
Sample: cb098c7158d4e27a09a490a702838b04173f7ae51dadea5e3bebcf093f03105c.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: cb098c7158d4e27a09a490a702838b04173f7ae51dadea5e3bebcf093f03105c.exe
Resource: win10v2004-20220812-en
General
Target: cb098c7158d4e27a09a490a702838b04173f7ae51dadea5e3bebcf093f03105c
Size: 576KB
MD5: 0c25e71334216b4a33020e8ba9992d81
SHA1: 01da4500f84f41f316035f4434814617e3fef6a0
SHA256: cb098c7158d4e27a09a490a702838b04173f7ae51dadea5e3bebcf093f03105c
SHA512: 66c2638473919bbe830a4442e28df36f9b3b1bbdd7983317bb12eaab863bd1b531508b548c3d852613072e2d0d9221b7f1fd2bdf27e46ec995ef020a54bd798b
SSDEEP: 12288:dolEIf/VXCXb4k4k7knsjsdA3evPqO+J9awjZkCVAq3P+:SljlXUb4k57dIdacStawjkk2
Malware Config
Signatures
Files
cb098c7158d4e27a09a490a702838b04173f7ae51dadea5e3bebcf093f03105c.exe windows x86
b93835bfba180c6122bf1736ee6f87b3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
UpdateICMRegKeyA
GetGlyphOutlineA
ExtCreateRegion
SetViewportOrgEx
GetEnhMetaFileDescriptionA
SetLayout
PlayEnhMetaFile
SetDeviceGammaRamp
ExtFloodFill
SetBkMode
EnumFontFamiliesA
RectVisible
ScaleWindowExtEx
CreateDIBPatternBrush
GetCharWidthFloatW
LineDDA
SetICMMode
SetAbortProc
GetObjectW
ResetDCA
DeviceCapabilitiesExW
PlgBlt
BeginPath
Ellipse
SetSystemPaletteUse
advapi32
LogonUserA
LookupAccountSidW
CryptEnumProvidersW
CryptEnumProviderTypesA
LookupPrivilegeValueA
RegEnumKeyW
RegEnumValueA
CryptVerifySignatureW
CryptDecrypt
RegQueryValueExW
CryptAcquireContextA
CryptSetHashParam
InitiateSystemShutdownW
RegLoadKeyA
GetUserNameW
RegDeleteKeyW
LogonUserW
RegConnectRegistryA
RegEnumKeyA
CryptDestroyHash
RegConnectRegistryW
CryptSignHashA
CryptSetProviderExW
RegRestoreKeyW
RegEnumValueW
CryptEnumProvidersA
CryptSignHashW
RegQueryValueExA
CryptGetUserKey
CryptAcquireContextW
RegCreateKeyExW
LookupPrivilegeDisplayNameW
RegReplaceKeyA
RegRestoreKeyA
CryptHashSessionKey
CryptDuplicateKey
CryptGetDefaultProviderA
CryptCreateHash
LookupPrivilegeDisplayNameA
RegSaveKeyA
RegFlushKey
RegLoadKeyW
CryptGenRandom
CryptContextAddRef
RegSetKeySecurity
CryptDestroyKey
CryptSetProviderW
RegOpenKeyExA
CryptGetDefaultProviderW
shell32
SHGetNewLinkInfo
SHChangeNotify
SHQueryRecycleBinW
SHGetSpecialFolderLocation
DoEnvironmentSubstA
CommandLineToArgvW
DragQueryFileA
user32
GetProcessDefaultLayout
DdeQueryStringW
GetUserObjectInformationA
OpenClipboard
SetDlgItemInt
SetSysColors
ExcludeUpdateRgn
GetAltTabInfo
DialogBoxParamW
SetWinEventHook
GetMonitorInfoW
DdeAddData
CheckRadioButton
DdeAbandonTransaction
FindWindowExW
IsRectEmpty
CharNextA
CallWindowProcW
DdeSetQualityOfService
EnumDisplaySettingsExW
LoadAcceleratorsW
InsertMenuA
SetUserObjectSecurity
GetMenuInfo
LoadImageW
UpdateWindow
CloseWindowStation
ShowWindow
SetWindowsHookExW
RegisterClipboardFormatA
GetScrollInfo
LoadMenuA
DdeGetData
GetWindowTextW
SetFocus
GetDoubleClickTime
LookupIconIdFromDirectory
SendDlgItemMessageA
FindWindowW
DdeGetLastError
DlgDirListA
ReplyMessage
EnumDisplaySettingsA
ModifyMenuA
CreatePopupMenu
EnumDisplayDevicesA
GetDCEx
IsMenu
RealChildWindowFromPoint
CharToOemBuffW
SetScrollInfo
GetSysColor
PostMessageA
GetKeyboardState
AdjustWindowRectEx
DdeCreateStringHandleW
GetMessageW
CharToOemW
CopyAcceleratorTableW
GetShellWindow
CreateCaret
GetWindowTextLengthA
EndPaint
GetCapture
SendMessageA
DrawTextA
wvsprintfA
DialogBoxIndirectParamW
PtInRect
SetProcessDefaultLayout
ToUnicodeEx
GetWindowContextHelpId
GetAncestor
GetClassNameW
FillRect
GetPropA
CreateDesktopW
GetClientRect
DlgDirSelectExA
GetClassLongW
DefDlgProcW
ModifyMenuW
SetMessageExtraInfo
DispatchMessageW
DdeQueryNextServer
MenuItemFromPoint
GetDialogBaseUnits
SetUserObjectInformationW
GetUpdateRgn
DdeQueryStringA
CreateMenu
SetThreadDesktop
TabbedTextOutA
WindowFromDC
GetCursorPos
SetScrollRange
ClipCursor
DdeCreateStringHandleA
GetKeyboardLayout
MapWindowPoints
OpenDesktopA
EnableWindow
SetPropW
GetWindowDC
IsDialogMessage
SendNotifyMessageW
CreateDialogParamA
EnumPropsExA
DrawFocusRect
CreateWindowExA
DestroyIcon
EnumPropsA
EnableScrollBar
EnumPropsExW
CascadeChildWindows
TranslateMDISysAccel
GetKeyState
GetClassLongA
ActivateKeyboardLayout
SetMenu
GetMenuItemID
GetMenuContextHelpId
GetMenuStringA
SwapMouseButton
TrackMouseEvent
GetClassInfoA
GetScrollBarInfo
MsgWaitForMultipleObjects
GetLastActivePopup
MonitorFromWindow
DefWindowProcW
CreateIcon
DdeClientTransaction
GetWindowRect
GetWindowWord
LoadMenuIndirectA
EnumClipboardFormats
GetKeyboardLayoutList
UnregisterHotKey
DlgDirSelectExW
CascadeWindows
CreateDialogIndirectParamA
DeferWindowPos
DlgDirListW
EditWndProc
PaintDesktop
ToAscii
MapVirtualKeyA
ValidateRect
DefMDIChildProcW
RedrawWindow
SetWindowsHookW
BroadcastSystemMessageW
GetClipboardOwner
ToAsciiEx
DdeCmpStringHandles
DialogBoxIndirectParamA
GetCaretBlinkTime
OemToCharA
DdeConnectList
IsWindowEnabled
MessageBoxExW
GetDC
PostThreadMessageW
GetDlgItemTextW
GetThreadDesktop
GetIconInfo
LoadMenuIndirectW
VkKeyScanExW
SetWindowsHookExA
ChangeDisplaySettingsExW
GetMessageTime
GetOpenClipboardWindow
GetScrollPos
GetWindowTextLengthW
DialogBoxParamA
FindWindowExA
DragDetect
IsWindowVisible
DestroyMenu
SetClassLongW
ImpersonateDdeClientWindow
TabbedTextOutW
CharLowerBuffW
GetWindowInfo
GetCaretPos
GetWindowPlacement
DrawFrame
GetSystemMenu
GetMenuBarInfo
PostQuitMessage
SetPropA
wsprintfA
GetClassNameA
TranslateAccelerator
MonitorFromPoint
GetKeyNameTextA
IsCharUpperA
GetGuiResources
ShowScrollBar
DlgDirSelectComboBoxExW
EnumWindowStationsA
CreateDialogParamW
CheckMenuItem
SendNotifyMessageA
IsIconic
GetUserObjectInformationW
WaitForInputIdle
PostMessageW
DestroyWindow
OpenWindowStationA
ExitWindowsEx
RegisterDeviceNotificationW
SetWindowPos
CheckDlgButton
GetMenu
EnumDisplayDevicesW
GetKeyboardType
CloseWindow
BlockInput
GetSubMenu
CharLowerA
GetScrollRange
EnumWindows
InsertMenuItemA
GetWindowModuleFileNameW
GetSystemMetrics
VkKeyScanA
CharPrevExA
DrawEdge
GetActiveWindow
DlgDirSelectComboBoxExA
DdeDisconnectList
LoadBitmapW
OpenDesktopW
UnregisterClassA
FrameRect
LoadCursorA
SendIMEMessageExW
EndDialog
CallWindowProcA
ReuseDDElParam
FlashWindowEx
GetWindowRgn
GetProcessWindowStation
BringWindowToTop
GetInputState
EnumChildWindows
ChangeClipboardChain
MapVirtualKeyExA
InvalidateRgn
GetMenuDefaultItem
AppendMenuA
SetClipboardViewer
DrawIconEx
TranslateMessage
DragObject
LoadIconW
GetFocus
DrawTextExW
GetMenuItemInfoW
PostThreadMessageA
SetClassWord
GetTopWindow
SetCaretBlinkTime
DefWindowProcA
AdjustWindowRect
SetLastErrorEx
GetMenuStringW
CountClipboardFormats
DdeUnaccessData
NotifyWinEvent
SetMessageQueue
IsCharAlphaNumericA
CreateMDIWindowA
DrawCaption
DefFrameProcW
IsCharAlphaW
DrawMenuBar
DdeQueryConvInfo
DlgDirListComboBoxA
TrackPopupMenu
GetWindow
EnumWindowStationsW
UnhookWindowsHook
SetCaretPos
MessageBoxA
RemovePropW
ChangeDisplaySettingsExA
ChangeDisplaySettingsA
InvertRect
SetMenuDefaultItem
InsertMenuW
GetGUIThreadInfo
SetWindowWord
DrawAnimatedRects
GetMenuItemInfoA
RegisterClipboardFormatW
CallNextHookEx
KillTimer
GetWindowModuleFileNameA
LoadIconA
SystemParametersInfoW
IsClipboardFormatAvailable
GetMonitorInfoA
WinHelpW
SendDlgItemMessageW
DefDlgProcA
SendInput
GetDlgCtrlID
SetDeskWallpaper
GetParent
DrawIcon
GetPropW
CreateWindowStationW
SetMenuItemBitmaps
CreateWindowExW
DdeConnect
LoadStringA
LoadCursorW
GetDlgItemTextA
CopyIcon
FlashWindow
CallMsgFilter
IsCharLowerA
CopyRect
GetCursor
LoadBitmapA
SetWindowLongW
UnhookWinEvent
EnumDesktopsW
TrackPopupMenuEx
SetRect
SetCursor
GetWindowThreadProcessId
GetNextDlgGroupItem
RemovePropA
CallMsgFilterW
PeekMessageA
LoadImageA
LoadMenuW
WindowFromPoint
EnumDisplaySettingsW
SetActiveWindow
SetMenuInfo
DdeImpersonateClient
IsCharLowerW
GetDlgItemInt
SetTimer
GetWindowLongA
DdeFreeDataHandle
BeginPaint
SetShellWindow
RemoveMenu
OemKeyScan
CreateIconFromResource
LookupIconIdFromDirectoryEx
CloseClipboard
GetMenuCheckMarkDimensions
SetDoubleClickTime
GetTabbedTextExtentW
AttachThreadInput
GetClipboardFormatNameW
CopyAcceleratorTableA
LoadStringW
InternalGetWindowText
CreateDesktopA
IsChild
CharNextW
SetMenuItemInfoA
DestroyCursor
UnregisterDeviceNotification
OemToCharBuffA
SubtractRect
PeekMessageW
GetListBoxInfo
ChildWindowFromPoint
AnyPopup
FindWindowA
UnregisterClassW
CopyImage
SendMessageTimeoutW
DeleteMenu
CharLowerBuffA
GetUserObjectSecurity
MoveWindow
CreateAcceleratorTableA
WINNLSGetEnableStatus
ChildWindowFromPointEx
CharLowerW
RegisterDeviceNotificationA
SetForegroundWindow
GetKBCodePage
EndDeferWindowPos
GetUpdateRect
CreateDialogIndirectParamW
GetCursorInfo
GetMenuItemRect
DdeUninitialize
CharUpperBuffA
DrawTextW
SetCapture
GetComboBoxInfo
EnumThreadWindows
DlgDirListComboBoxW
DdeFreeStringHandle
GetAsyncKeyState
GetMessageExtraInfo
ArrangeIconicWindows
GetWindowLongW
SetMenuItemInfoW
MessageBoxW
DdeDisconnect
InsertMenuItemW
MessageBeep
SetDlgItemTextW
BeginDeferWindowPos
DdeInitializeW
RegisterWindowMessageA
ChangeMenuA
CreateCursor
OffsetRect
ChangeDisplaySettingsW
wvsprintfW
DdeInitializeA
RegisterClassExA
WINNLSGetIMEHotkey
ValidateRgn
SetScrollPos
EndTask
SetWindowTextA
RealGetWindowClass
CreateMDIWindowW
SetKeyboardState
ShowCursor
WinHelpA
EmptyClipboard
DrawTextExA
GetTitleBarInfo
GetClassInfoExW
GetKeyboardLayoutNameA
MessageBoxExA
AnimateWindow
GetInputDesktop
CreateIconIndirect
GetDesktopWindow
GetClipboardFormatNameA
DdeReconnect
ScrollWindow
ScrollDC
UnloadKeyboardLayout
SetMenuContextHelpId
GetClipCursor
InflateRect
MapVirtualKeyW
SetCursorPos
GetClipboardViewer
SetDlgItemTextA
MsgWaitForMultipleObjectsEx
EnumPropsW
DestroyCaret
IsCharUpperW
wsprintfW
GetClassInfoExA
LoadAcceleratorsA
LoadCursorFromFileW
LoadKeyboardLayoutW
SetClipboardData
EnumDisplayMonitors
VkKeyScanExA
PackDDElParam
SetWindowsHookA
DdeAccessData
TranslateAcceleratorW
RegisterHotKey
VkKeyScanW
DrawFrameControl
ScrollWindowEx
GetClassWord
SetRectEmpty
GetTabbedTextExtentA
TranslateAcceleratorA
EnumDesktopsA
GetPriorityClipboardFormat
LoadCursorFromFileA
DrawStateW
SetWindowTextW
EnableMenuItem
FreeDDElParam
SetProcessWindowStation
WaitMessage
SetSystemCursor
GetForegroundWindow
SetWindowRgn
SendIMEMessageExA
IsWindowUnicode
DefFrameProcA
IsCharAlphaA
SwitchDesktop
ToUnicode
wsock32
inet_ntoa
listen
ord1141
ord1116
WSAAsyncGetHostByAddr
WSAGetLastError
htonl
ord1130
ioctlsocket
select
getsockname
ord1117
ntohs
gethostname
gethostbyname
WSASetLastError
WSACancelAsyncRequest
inet_addr
ord1111
shutdown
ord1119
WSACancelBlockingCall
ord1110
ord1106
getprotobyname
socket
WSAIsBlocking
connect
accept
ord1120
ord1142
recv
WSAAsyncGetProtoByName
WSACleanup
getservbyport
ord1107
htons
ord1115
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetProfileSectionW
FlushViewOfFile
CreateEventW
FormatMessageA
GlobalLock
GetFileAttributesExA
FindAtomW
GetSystemDirectoryA
WaitNamedPipeW
HeapSize
FlushInstructionCache
CreateProcessA
SetConsoleTitleA
GetShortPathNameW
GlobalAddAtomA
CreateThread
GetFileSize
OpenMutexA
WriteProfileSectionA
SignalObjectAndWait
GlobalAddAtomW
GetCompressedFileSizeA
WritePrivateProfileStructA
DefineDosDeviceA
HeapCompact
CreatePipe
RtlMoveMemory
GetProcAddress
SetConsoleCursorPosition
GetPrivateProfileStringA
DeleteFiber
FileTimeToDosDateTime
CreateDirectoryA
GetDateFormatW
CreateConsoleScreenBuffer
SetLocaleInfoW
WaitForSingleObjectEx
GetNamedPipeHandleStateW
GetProfileStringA
WriteConsoleW
LocalUnlock
FindFirstFileExA
OpenFileMappingW
ReadConsoleOutputAttribute
GetProcessTimes
CreateNamedPipeW
GetPrivateProfileIntA
GetVersionExA
ReadProcessMemory
EnumSystemCodePagesW
GetProcessHeaps
lstrcpyA
EnumResourceNamesA
ReadConsoleW
SetWaitableTimer
GetTimeFormatW
GetTempFileNameA
PeekNamedPipe
EnumSystemLocalesA
EnumResourceNamesW
GetPrivateProfileStringW
SetFileAttributesW
lstrcatW
GetCurrencyFormatA
GetCalendarInfoA
SetConsoleActiveScreenBuffer
RtlZeroMemory
FindFirstFileW
GetTempPathW
LockResource
GetConsoleMode
EnumResourceLanguagesW
Toolhelp32ReadProcessMemory
GetFileType
BeginUpdateResourceA
CreateRemoteThread
GetProcessHeap
ReadConsoleInputW
EnumResourceTypesA
CreateDirectoryW
SetEnvironmentVariableA
SetCurrentDirectoryW
GetLongPathNameA
DebugBreak
FillConsoleOutputAttribute
LocalFileTimeToFileTime
GetConsoleScreenBufferInfo
SetFileTime
GetSystemInfo
GetNumberFormatA
GetDiskFreeSpaceA
GlobalFindAtomW
FreeResource
FreeEnvironmentStringsW
ResetEvent
RtlFillMemory
FindFirstFileExW
SetConsoleOutputCP
RemoveDirectoryW
Module32Next
CreateMailslotW
SetVolumeLabelW
LockFileEx
OpenSemaphoreW
MoveFileW
Heap32Next
lstrcmp
LoadLibraryExW
EnumDateFormatsA
GetFileInformationByHandle
GetLargestConsoleWindowSize
CreateTapePartition
IsDebuggerPresent
InitAtomTable
FlushFileBuffers
CreateProcessW
TransmitCommChar
WritePrivateProfileStringA
SetLastError
LocalAlloc
GetVersionExW
SetThreadPriorityBoost
ReadFileEx
GetProcessPriorityBoost
OpenMutexW
GetEnvironmentStringsA
HeapWalk
OpenWaitableTimerW
GetThreadContext
SetFileAttributesA
GetProfileIntW
lstrcpy
TerminateThread
GetStringTypeExA
DisconnectNamedPipe
ConvertDefaultLocale
GetCommandLineW
SuspendThread
FindFirstFileA
GetDriveTypeA
FindNextFileW
GetVolumeInformationW
RemoveDirectoryA
CreateDirectoryExW
GlobalFix
VirtualFreeEx
GetConsoleTitleA
GlobalHandle
EnumCalendarInfoA
WriteProfileSectionW
FileTimeToLocalFileTime
GetAtomNameA
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetShortPathNameA
UnhandledExceptionFilter
FreeConsole
WinExec
Sleep
ConnectNamedPipe
wininet
GopherFindFirstFileA
SetUrlCacheEntryGroupA
InternetOpenUrlA
DeleteUrlCacheEntry
LoadUrlCacheContent
SetUrlCacheGroupAttributeW
GetUrlCacheGroupAttributeA
FindNextUrlCacheEntryExA
DeleteUrlCacheContainerA
InternetGoOnlineW
ShowX509EncodedCertificate
InternetSetCookieA
HttpEndRequestA
InternetDial
FindNextUrlCacheEntryExW
FtpPutFileW
GopherCreateLocatorA
GopherGetAttributeW
InternetCreateUrlW
InternetReadFileExA
InternetAlgIdToStringW
InternetCanonicalizeUrlA
GopherCreateLocatorW
FtpRemoveDirectoryA
FtpOpenFileA
UnlockUrlCacheEntryFileW
InternetDialW
HttpEndRequestW
GopherFindFirstFileW
UnlockUrlCacheEntryFile
GetUrlCacheGroupAttributeW
SetUrlCacheConfigInfoW
FtpRenameFileA
InternetFindNextFileA
FtpCommandA
ResumeSuspendedDownload
InternetQueryOptionA
RetrieveUrlCacheEntryFileW
HttpSendRequestExA
FindFirstUrlCacheEntryExW
RunOnceUrlCache
InternetCanonicalizeUrlW
InternetSecurityProtocolToStringW
InternetSetDialState
InternetSetOptionW
DeleteUrlCacheEntryA
InternetWriteFileExW
GopherGetAttributeA
FtpFindFirstFileA
GetUrlCacheConfigInfoA
RetrieveUrlCacheEntryFileA
InternetTimeFromSystemTimeA
FindNextUrlCacheContainerA
GopherOpenFileA
InternetCombineUrlW
FtpGetFileSize
DetectAutoProxyUrl
InternetCheckConnectionW
UpdateUrlCacheContentPath
GopherGetLocatorTypeA
InternetSetFilePointer
InternetSetCookieW
SetUrlCacheEntryGroup
RetrieveUrlCacheEntryStreamA
Sections
.text Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 274KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE