Static task
static1
Behavioral task
behavioral1
Sample
50efdd37a1c479609dac19c73e51b56ba5d6b3cdffd581dfd4ecc16e16cd4c79.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
50efdd37a1c479609dac19c73e51b56ba5d6b3cdffd581dfd4ecc16e16cd4c79.exe
Resource
win10v2004-20220901-en
General
-
Target
50efdd37a1c479609dac19c73e51b56ba5d6b3cdffd581dfd4ecc16e16cd4c79
-
Size
320KB
-
MD5
0cf09a6f066e7f3905151334d6e49b60
-
SHA1
5bcd51a5e094e2f04a8267a0d5f9f12b6a600748
-
SHA256
50efdd37a1c479609dac19c73e51b56ba5d6b3cdffd581dfd4ecc16e16cd4c79
-
SHA512
f9814088ac6e60ad62e3bfdaa3e1766b4d214430db12af1e71735d62901d6aeac7127d9652fd8dd5260edd697a76cf28f36e899c87fe2644dc23fc88a3f8c37f
-
SSDEEP
6144:MER/xSH2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:VQ2EB0NxDIBuOFe7/uT
Malware Config
Signatures
Files
-
50efdd37a1c479609dac19c73e51b56ba5d6b3cdffd581dfd4ecc16e16cd4c79.exe windows x86
dff01d88e8a903ed2be72c7e8f59c239
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryW
lstrcmp
DnsHostnameToComputerNameA
EnumSystemLocalesW
GetBinaryType
GetBinaryTypeW
SetFirmwareEnvironmentVariableW
IsBadWritePtr
HeapUsage
GetThreadLocale
WaitNamedPipeA
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.brdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE