Static task: static1
Behavioral task: behavioral1
Sample: 42443f4fbd8c113838b650f204fc833123e3f40b4c96f0286569f4046b9e7ea9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 42443f4fbd8c113838b650f204fc833123e3f40b4c96f0286569f4046b9e7ea9.exe
Resource: win10v2004-20220812-en
General
Target: 42443f4fbd8c113838b650f204fc833123e3f40b4c96f0286569f4046b9e7ea9
Size: 375KB
MD5: 13118516d9111d0f34b515bb4fcc7550
SHA1: 11b03b32a764cb03e62aec05e6c1a1c7f648fb14
SHA256: 42443f4fbd8c113838b650f204fc833123e3f40b4c96f0286569f4046b9e7ea9
SHA512: e41254f80cc980d2920602e1376f783af6ecc36233a45482f4a56712508348cb196f0c6bcf5d7edfb0b1a82db91fd13c564fea78a24de95c5dbd83be23ba2cc3
SSDEEP: 6144:92Eyj6WW57/Pc70yFMlMPfB3UKrmUqRpkLGNtJPvosNRnws0U7zdLWH26iYeYFSJ:JyGftUpF+U3bmbRpkuquRwXUv5YWNj8c
Malware Config
Signatures
Files
42443f4fbd8c113838b650f204fc833123e3f40b4c96f0286569f4046b9e7ea9.exe windows x86
26c8f00320e41ae53291cda7c17158db
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtectEx
GetCommTimeouts
CreatePipe
GetNamedPipeInfo
TlsFree
SetCommTimeouts
WaitForSingleObject
ReadConsoleInputW
CreateToolhelp32Snapshot
DeleteAtom
GetBinaryTypeA
VerLanguageNameA
FatalAppExitA
SetNamedPipeHandleState
GetNamedPipeHandleStateW
SetPriorityClass
ExpandEnvironmentStringsW
GetThreadTimes
Sleep
ResetEvent
GetModuleHandleW
lstrcpyA
GetBinaryTypeW
BuildCommDCBAndTimeoutsA
GlobalUnlock
GetTickCount
WaitCommEvent
GetLongPathNameW
LoadLibraryExA
LockFile
GetLocaleInfoW
CancelIo
LocalShrink
WaitForMultipleObjectsEx
HeapReAlloc
IsValidLocale
GetVersion
SetLastError
FindFirstChangeNotificationW
GetFileType
HeapCreate
OpenMutexA
WritePrivateProfileSectionA
SetLocalTime
GlobalFix
GetConsoleCursorInfo
GetVolumeInformationW
FlushFileBuffers
GetCurrentDirectoryA
SystemTimeToTzSpecificLocalTime
IsProcessorFeaturePresent
DefineDosDeviceA
SetProcessAffinityMask
UnlockFile
lstrcmpiA
SetSystemTime
ScrollConsoleScreenBufferA
SetFileApisToANSI
GetStartupInfoA
SearchPathW
DebugActiveProcess
GetEnvironmentVariableW
ReadConsoleW
GetOverlappedResult
UpdateResourceA
GetConsoleOutputCP
BackupSeek
IsBadReadPtr
VirtualUnlock
GetVersionExA
GetTapeStatus
LoadResource
FreeEnvironmentStringsW
GetTempFileNameW
HeapUnlock
lstrlenW
HeapFree
GetLastError
CreateTapePartition
GetFileInformationByHandle
ReadConsoleInputA
SetFileTime
MultiByteToWideChar
GetFileSize
VirtualFree
DeviceIoControl
InterlockedIncrement
GetPrivateProfileIntA
WritePrivateProfileSectionW
GetDefaultCommConfigA
ReadFileScatter
GetACP
SetLocaleInfoW
ClearCommError
ReadConsoleOutputCharacterA
OpenProcess
SetEnvironmentVariableW
EnumCalendarInfoW
WaitForMultipleObjects
SetVolumeLabelA
GetPrivateProfileSectionNamesW
GlobalHandle
CopyFileW
GetNumberFormatW
ExitProcess
EnumResourceTypesW
FindFirstFileW
GetDiskFreeSpaceExW
GetCalendarInfoA
GetSystemTime
GetSystemDirectoryA
GetFullPathNameA
Toolhelp32ReadProcessMemory
GetTempPathA
WriteConsoleInputW
GetComputerNameW
WritePrivateProfileStructA
GetConsoleMode
CreateNamedPipeA
GetModuleHandleA
EnumTimeFormatsW
SetCurrentDirectoryW
ExpandEnvironmentStringsA
TransmitCommChar
LCMapStringW
GetSystemTimeAdjustment
WriteConsoleInputA
GetCPInfo
SetUnhandledExceptionFilter
FindFirstChangeNotificationA
GetDevicePowerState
CreateIoCompletionPort
WriteConsoleA
SetCommBreak
DeleteFileA
GetProcessVersion
SizeofResource
DeleteFileW
GetLongPathNameA
lstrcatA
GetWindowsDirectoryA
FillConsoleOutputCharacterA
WaitNamedPipeA
GetPrivateProfileSectionW
ResumeThread
GetDriveTypeW
GetCurrentProcess
GetPrivateProfileStructA
LocalUnlock
Heap32ListFirst
FindNextChangeNotification
SetupComm
GetComputerNameA
FindResourceA
GetVolumeInformationA
GetConsoleScreenBufferInfo
ExitThread
OpenSemaphoreA
HeapLock
WriteProfileSectionW
HeapCompact
SetThreadExecutionState
GetDiskFreeSpaceA
SetErrorMode
InterlockedCompareExchange
IsDBCSLeadByte
SleepEx
GetSystemDirectoryW
BeginUpdateResourceW
CreateFileMappingA
LCMapStringA
SetComputerNameW
SetCalendarInfoW
HeapValidate
QueryPerformanceFrequency
GetCalendarInfoW
WriteFileEx
IsBadHugeWritePtr
SetEnvironmentVariableA
OpenFile
GetTimeFormatW
GetPrivateProfileIntW
WritePrivateProfileStringW
InterlockedExchangeAdd
LocalSize
_lread
VerLanguageNameW
LocalAlloc
GetWindowsDirectoryW
BackupRead
PeekNamedPipe
HeapSize
GetShortPathNameA
FoldStringW
SetHandleCount
SuspendThread
DisableThreadLibraryCalls
QueryPerformanceCounter
SetDefaultCommConfigA
EnumSystemCodePagesA
WaitNamedPipeW
EnumResourceLanguagesW
VirtualQuery
GetProcAddress
GetCommModemStatus
GetSystemPowerStatus
GetShortPathNameW
GlobalMemoryStatus
ReadProcessMemory
MoveFileExA
GetExitCodeThread
ContinueDebugEvent
_lwrite
OutputDebugStringA
FileTimeToDosDateTime
IsDBCSLeadByteEx
WriteConsoleOutputAttribute
GetFileAttributesA
GlobalFindAtomW
GetOEMCP
SetConsoleOutputCP
GetSystemInfo
RaiseException
user32
GetClassInfoA
MessageBeep
EnableWindow
GetKeyboardType
GetWindowTextW
DrawTextExW
CreateIconFromResourceEx
WinHelpA
CharUpperBuffW
ToUnicode
UnhookWindowsHook
CountClipboardFormats
SetCursor
CharToOemA
PtInRect
CallMsgFilterA
ShowScrollBar
VkKeyScanExA
GetKeyboardLayoutNameA
DialogBoxParamA
GetWindowTextLengthW
GetQueueStatus
MapVirtualKeyA
GetDlgItemTextW
VkKeyScanA
GetMenuState
InternalGetWindowText
IsWindow
GetCaretBlinkTime
DispatchMessageW
DestroyCaret
GetClipboardViewer
CharToOemBuffW
SetWindowTextA
GetClassWord
ArrangeIconicWindows
TabbedTextOutA
ChangeDisplaySettingsA
GetMenuStringA
GetShellWindow
SetScrollRange
LoadIconA
SetScrollInfo
SetForegroundWindow
IsCharUpperA
MenuItemFromPoint
SetPropA
CloseClipboard
InflateRect
DrawAnimatedRects
SetWindowLongW
DrawTextA
ValidateRect
GetMenuItemInfoW
SetMenuItemInfoA
RegisterClipboardFormatA
SwapMouseButton
UpdateWindow
CheckDlgButton
CreateIcon
InsertMenuItemW
GetWindowLongA
SetWindowPos
GetMessageExtraInfo
WinHelpW
CheckRadioButton
GetKeyboardLayoutNameW
EmptyClipboard
ReleaseCapture
CascadeWindows
GetMenuItemInfoA
OemToCharW
SetPropW
CreateWindowStationA
CreateWindowExW
GetWindowTextA
RegisterClassA
LoadAcceleratorsW
GetKeyNameTextW
OemToCharBuffA
SetCaretBlinkTime
LoadCursorA
SetCaretPos
SetUserObjectInformationW
SetWindowsHookExW
MapVirtualKeyW
GetKeyboardLayoutList
TabbedTextOutW
GetClassNameA
ChangeMenuA
GrayStringW
AppendMenuW
ShowCaret
DlgDirSelectExW
GetPropW
SetDoubleClickTime
CreateCaret
GetDlgItemTextA
GetWindowLongW
DefDlgProcW
EnumPropsExW
GetKeyboardLayout
SetClassWord
SetWindowRgn
CopyRect
EnableScrollBar
OpenInputDesktop
wsprintfW
GetActiveWindow
PostQuitMessage
ToAscii
IsCharUpperW
GetLastActivePopup
GetPropA
GetMessageW
GetSysColor
TranslateMessage
EnumDisplaySettingsW
CreateDesktopA
EnumClipboardFormats
IsIconic
PostMessageA
ShowCursor
CreateDialogParamW
CharNextW
VkKeyScanExW
FrameRect
SetDebugErrorLevel
OemToCharBuffW
ChangeDisplaySettingsExW
SetCapture
GetParent
CloseWindowStation
PostMessageW
InsertMenuItemA
ReleaseDC
keybd_event
DrawMenuBar
ToAsciiEx
CreateMDIWindowA
GetTabbedTextExtentA
DragDetect
EnableMenuItem
IsCharAlphaW
OemToCharA
LoadMenuIndirectW
GetWindowDC
OpenDesktopW
LoadStringW
SwitchToThisWindow
GetWindow
CreateDialogIndirectParamA
IsDialogMessageA
GetMenuCheckMarkDimensions
DlgDirSelectComboBoxExW
GetCursor
CreateMDIWindowW
MessageBoxExA
DlgDirListComboBoxW
SetParent
SendDlgItemMessageA
RegisterWindowMessageW
SetWindowLongA
CopyAcceleratorTableW
SetMenuItemBitmaps
SendDlgItemMessageW
OpenDesktopA
ActivateKeyboardLayout
ShowWindow
CreateAcceleratorTableW
MessageBoxIndirectW
ShowWindowAsync
GetMenuItemID
DrawEdge
IsRectEmpty
InsertMenuW
ChangeDisplaySettingsExA
SetMenu
EnumPropsA
ModifyMenuA
GetOpenClipboardWindow
DrawStateA
CharUpperW
GetClientRect
GetClipCursor
CreateCursor
MoveWindow
DefWindowProcW
RegisterClassExW
IsDialogMessageW
ScrollDC
SetProcessWindowStation
EndDialog
LoadBitmapW
DlgDirListA
GetCursorPos
TrackPopupMenuEx
SetActiveWindow
GetKeyboardState
SubtractRect
PeekMessageW
gdi32
SetDIBColorTable
DeleteEnhMetaFile
ExtCreateRegion
GetGraphicsMode
GetTextExtentPoint32A
SetPixelFormat
GetWindowExtEx
SetWindowOrgEx
GetColorAdjustment
EnumEnhMetaFile
SetDIBitsToDevice
RemoveFontResourceW
GetKerningPairsA
GetOutlineTextMetricsW
TranslateCharsetInfo
UpdateICMRegKeyA
GetMiterLimit
Arc
GetNearestColor
GetEnhMetaFileBits
GetBitmapBits
SetWinMetaFileBits
CreateHalftonePalette
GetCharABCWidthsFloatW
GetCharWidthW
GetTextCharsetInfo
GetObjectA
GetCharacterPlacementW
PolyPolyline
GetMetaFileW
PtVisible
EnumFontsW
GetGlyphOutlineA
GdiFlush
EnumICMProfilesA
CreateFontIndirectW
AbortPath
SetGraphicsMode
GetCharacterPlacementA
CreateDCA
BeginPath
GetDCOrgEx
GetTextCharacterExtra
SetBitmapDimensionEx
GetCharWidthFloatW
GetTextCharset
GetTextExtentExPointA
SelectPalette
IntersectClipRect
EndPage
SetROP2
CreatePen
FloodFill
GetMapMode
ExtSelectClipRgn
EnumFontFamiliesExW
GetDIBits
GetEnhMetaFileDescriptionW
Polyline
FlattenPath
SetICMProfileW
CreateColorSpaceW
FillRgn
SetBkColor
GetWinMetaFileBits
GetCharWidth32W
RectInRegion
TextOutA
SetWorldTransform
GetRegionData
PlgBlt
SetDeviceGammaRamp
CopyMetaFileW
PtInRegion
CreateICW
GetPolyFillMode
GetEnhMetaFileDescriptionA
CreateBrushIndirect
SetPaletteEntries
GetTextAlign
GetICMProfileA
PolyBezier
GetEnhMetaFileHeader
WidenPath
PolyPolygon
GetKerningPairsW
StartDocA
SelectObject
SetMiterLimit
CreateCompatibleBitmap
SetStretchBltMode
CreateEnhMetaFileW
CreatePatternBrush
AngleArc
CreateColorSpaceA
BitBlt
GetTextExtentExPointW
ResetDCW
DrawEscape
RemoveFontResourceA
GetCurrentObject
CreateEllipticRgnIndirect
LineTo
GetEnhMetaFileW
EnumFontFamiliesW
Polygon
GetBitmapDimensionEx
StartDocW
GetPixel
GetLogColorSpaceW
SetPixel
CopyEnhMetaFileW
CreateRoundRectRgn
SetTextColor
EnumObjects
ResetDCA
SetBitmapBits
SetPolyFillMode
CreateMetaFileW
SetColorSpace
GetViewportExtEx
GetCharABCWidthsFloatA
GetStretchBltMode
DeleteColorSpace
DescribePixelFormat
RectVisible
GetSystemPaletteEntries
comdlg32
GetSaveFileNameW
FindTextW
ChooseFontW
PageSetupDlgW
ChooseColorA
CommDlgExtendedError
ChooseColorW
ChooseFontA
GetFileTitleW
ReplaceTextA
advapi32
CryptGenRandom
RegEnumKeyExW
QueryServiceLockStatusW
ReadEventLogA
InitiateSystemShutdownA
CryptDuplicateKey
CreateProcessAsUserA
RegRestoreKeyA
GetSecurityDescriptorControl
RegDeleteValueA
EnumDependentServicesA
CryptSetHashParam
QueryServiceLockStatusA
BuildImpersonateTrusteeA
EnumServicesStatusW
GetExplicitEntriesFromAclA
DestroyPrivateObjectSecurity
GetSecurityDescriptorGroup
AllocateLocallyUniqueId
RegConnectRegistryA
GetAuditedPermissionsFromAclA
PrivilegeCheck
GetAuditedPermissionsFromAclW
LookupPrivilegeDisplayNameA
ImpersonateSelf
LookupAccountNameW
GetEffectiveRightsFromAclA
RegEnumValueW
RegEnumValueA
DuplicateToken
BuildImpersonateExplicitAccessWithNameA
LookupPrivilegeDisplayNameW
GetSidLengthRequired
IsValidSecurityDescriptor
RegEnumKeyA
MakeAbsoluteSD
CryptEncrypt
AbortSystemShutdownW
BuildExplicitAccessWithNameW
MapGenericMask
BuildTrusteeWithNameA
CryptVerifySignatureA
GetSidSubAuthority
AdjustTokenGroups
CloseEventLog
LookupPrivilegeValueA
CryptVerifySignatureW
GetNumberOfEventLogRecords
BuildExplicitAccessWithNameA
FreeSid
GetMultipleTrusteeOperationA
LookupAccountNameA
SetEntriesInAclW
EqualPrefixSid
UnlockServiceDatabase
RegSetValueExA
AreAllAccessesGranted
CryptImportKey
GetSidIdentifierAuthority
SetSecurityDescriptorGroup
RegGetKeySecurity
CryptContextAddRef
CryptSetProvParam
CryptEnumProvidersA
DeleteService
SetServiceBits
ReadEventLogW
CryptGetUserKey
ChangeServiceConfigA
BackupEventLogA
CryptDestroyKey
RegRestoreKeyW
SetServiceStatus
LookupAccountSidW
GetAce
GetUserNameA
OpenEventLogA
GetSecurityInfo
RegSaveKeyW
RegDeleteKeyW
CryptReleaseContext
RegEnumKeyExA
DeregisterEventSource
GetTrusteeTypeA
ObjectPrivilegeAuditAlarmA
GetServiceKeyNameA
LookupPrivilegeValueW
ObjectOpenAuditAlarmA
IsTextUnicode
SetPrivateObjectSecurity
EnumDependentServicesW
AddAuditAccessAce
CreateServiceA
RegLoadKeyW
RegSetValueExW
DeleteAce
LookupSecurityDescriptorPartsA
RegQueryInfoKeyW
LookupPrivilegeNameW
BackupEventLogW
RegQueryMultipleValuesA
GetServiceKeyNameW
LookupSecurityDescriptorPartsW
RegConnectRegistryW
DuplicateTokenEx
GetMultipleTrusteeW
LogonUserA
GetEffectiveRightsFromAclW
InitializeSid
AccessCheck
BuildImpersonateExplicitAccessWithNameW
shell32
Shell_NotifyIconA
SHEmptyRecycleBinW
ExtractAssociatedIconExW
ExtractIconExA
ShellAboutA
SHGetFileInfoA
ord179
DuplicateIcon
ShellExecuteW
Shell_NotifyIconW
SHInvokePrinterCommandA
SHGetFileInfoW
DragQueryFileA
SHGetSettings
DoEnvironmentSubstA
SHGetSpecialFolderLocation
FindExecutableW
ShellExecuteExW
DragQueryFileW
SHGetSpecialFolderPathW
ExtractIconW
SHLoadInProc
SHGetPathFromIDListA
SHEmptyRecycleBinA
SHChangeNotify
SHGetDataFromIDListA
msvcrt
__getmainargs
exit
_XcptFilter
_exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
Sections
.text Size: 288KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
5womnjrb Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
4ri6bh76 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ