Static task: static1
Behavioral task: behavioral1
Sample: 61700e7e8e5e85442c98aaee0a79ee1e6341eb8a58d7aef8b20dcafc0a9958e4.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 61700e7e8e5e85442c98aaee0a79ee1e6341eb8a58d7aef8b20dcafc0a9958e4.exe
Resource: win10v2004-20220901-en
General
Target: 61700e7e8e5e85442c98aaee0a79ee1e6341eb8a58d7aef8b20dcafc0a9958e4
Size: 274KB
MD5: 0e42230a0215d5bebfadf0ec707bdf3c
SHA1: 16765ddee3fad27f7d2d8ab05ec6ee7bc7746cfa
SHA256: 61700e7e8e5e85442c98aaee0a79ee1e6341eb8a58d7aef8b20dcafc0a9958e4
SHA512: 678d599e3a1b3af082b3c9db5161929e0a7d014cf8f4cc3f2ea878dcef0c17a138670a71bc398de910db0ca462685bef28b8f74a427998f0f923760c2a86e624
SSDEEP: 6144:qrQshbgzkwMgaRMfHGDmR/q+s7eDb7zz6nWPQJ+w:AafaRk5R/Q7eDb7zDy+w
Malware Config
Signatures
Files
61700e7e8e5e85442c98aaee0a79ee1e6341eb8a58d7aef8b20dcafc0a9958e4.exe windows x86
14c50306ba71e7354d1686d21f5a66ea
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Module32FirstW
Module32NextW
OpenProcess
VirtualAllocEx
lstrlenW
WriteProcessMemory
CreateRemoteThread
CreateProcessW
GetModuleHandleW
WaitForSingleObject
VirtualFreeEx
GetModuleFileNameW
ExpandEnvironmentStringsW
CopyFileW
lstrcmpA
CreateToolhelp32Snapshot
GetCurrentProcessId
GetVersion
CreateMutexW
Process32NextW
GetLastError
lstrlenA
LocalFree
OpenEventW
CloseHandle
SetEvent
lstrcmpiW
FindResourceW
LoadResource
LockResource
CreateFileW
FreeResource
DeleteFileW
FlushFileBuffers
WriteFile
Process32FirstW
SizeofResource
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
advapi32
OpenProcessToken
LookupPrivilegeValueW
RegDeleteKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
AdjustTokenPrivileges
shlwapi
StrCmpNW
wnsprintfA
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 231KB - Virtual size: 231KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ