Static task: static1
Behavioral task: behavioral1
Sample: b7257d96d19ab3162b099bc071b782df1282112352e9ca1c9355b4b35a8fe84b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b7257d96d19ab3162b099bc071b782df1282112352e9ca1c9355b4b35a8fe84b.exe
Resource: win10v2004-20220812-en
General
Target: b7257d96d19ab3162b099bc071b782df1282112352e9ca1c9355b4b35a8fe84b
Size: 263KB
MD5: 06b7c45399a2f73c15d9642f3fc48f50
SHA1: 4b298eb1bf25532c5350544fec40880acf13cb39
SHA256: b7257d96d19ab3162b099bc071b782df1282112352e9ca1c9355b4b35a8fe84b
SHA512: 464f21b526a1c0a6f63dc5f24750fafa0a40ac6df0777840ae8f99717ff86967bb3f4803d604f2bf317164e33dc589528554ea5c037045223e230497eda8dc1b
SSDEEP: 6144:eaC9hKL7S5I8BV5eruUrXzzHRo0YC5Mnlu1w6b5OZUVgP:eLbKimiVA6U7HRvglu1la3
Malware Config
Signatures
Files
b7257d96d19ab3162b099bc071b782df1282112352e9ca1c9355b4b35a8fe84b.exe windows x86
e69868d8fb50417e21b9668a553d16ab
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wtsapi32
WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSRegisterSessionNotification
msimg32
TransparentBlt
kernel32
GetProcessHeap
CreateProcessA
HeapFree
HeapAlloc
TerminateProcess
IsDebuggerPresent
WideCharToMultiByte
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapSize
SystemTimeToFileTime
QueryPerformanceCounter
Sleep
GetSystemTime
lstrlenA
LoadLibraryW
GetStdHandle
HeapFree
GetCurrentProcess
LocalAlloc
GetACP
UnhandledExceptionFilter
WriteFile
GetCurrentThreadId
EnumResourceTypesW
GetEnvironmentVariableA
GetStartupInfoA
HeapReAlloc
InterlockedCompareExchange
LZOpenFileA
GetThreadLocale
RaiseException
HeapDestroy
GetCurrentProcessId
InterlockedExchange
GetModuleHandleA
CreateFileW
GetTickCount
lstrlenW
LoadLibraryExW
MultiByteToWideChar
CloseHandle
lstrcpynW
oleacc
LresultFromObject
AccessibleObjectFromEvent
Sections
.text Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 202KB - Virtual size: 202KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ