Static task
static1
Behavioral task
behavioral1
Sample
5bff8d5b761604826ea34ed4f2a523fe6a401a238be5e1423e5882d453468be2.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5bff8d5b761604826ea34ed4f2a523fe6a401a238be5e1423e5882d453468be2.exe
Resource
win10v2004-20220812-en
General
Target: 5bff8d5b761604826ea34ed4f2a523fe6a401a238be5e1423e5882d453468be2
Size: 748KB
MD5: 0ce1b3f870a0b0e86b6675e324ed3027
SHA1: 30412d57c923d34473969280f0950e5758307f09
SHA256: 5bff8d5b761604826ea34ed4f2a523fe6a401a238be5e1423e5882d453468be2
SHA512: 45978f308078303a04b5621bfab46e28e8cddf80041b41747d8779b569aa523f82dae256c0393e8500ba63ce4b7624cb43bf68a7f02aa3b33428e8d7c0d516bc
SSDEEP: 12288:8l692t9lPrqTNpO1qKOhlOh71xzUq4DZmg4egQEWt7xCmvxBGznXXnFkcQIqk+9:8QGqO11OOPxzBSZhpgE7xC+xBGHnFaIU
Malware Config
Signatures
Files
5bff8d5b761604826ea34ed4f2a523fe6a401a238be5e1423e5882d453468be2.exe windows x86
726570f3ed676595d5789d3cc7924d3d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindVolumeClose
LocalSize
GetCommandLineA
GetCurrentDirectoryW
GetModuleHandleA
WriteFile
GetDriveTypeA
HeapCreate
GetFileAttributesA
GetModuleFileNameA
CreateSemaphoreA
HeapFree
FindVolumeClose
GetTickCount
IsBadReadPtr
GetFileType
FindClose
ExitThread
CancelIo
WaitForMultipleObjects
CreateDirectoryA
lstrlenA
EnterCriticalSection
GetFileTime
CloseHandle
uxtheme
GetWindowTheme
GetThemeEnumValue
SetWindowTheme
OpenThemeData
GetThemeTextMetrics
GetThemeTextExtent
GetThemeColor
GetThemeBool
DrawThemeEdge
CloseThemeData
IsThemeActive
CloseThemeData
DrawThemeBackground
drprov
NPGetCaps
NPGetCaps
NPGetCaps
NPGetCaps
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 740KB - Virtual size: 768KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iardvmr Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE