Static task: static1
Behavioral task: behavioral1
Sample: 3bf8155bd051945bf2e017311392ce5a03f5deef4cd02ef1521907d3c1607444.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3bf8155bd051945bf2e017311392ce5a03f5deef4cd02ef1521907d3c1607444.exe
Resource: win10v2004-20221111-en
General
Target: 3bf8155bd051945bf2e017311392ce5a03f5deef4cd02ef1521907d3c1607444
Size: 121KB
MD5: 35798c129c35ad80e44e8b206ccf3250
SHA1: d27f5850cd5f497d9d67185c0b88c7ec28d40f39
SHA256: 3bf8155bd051945bf2e017311392ce5a03f5deef4cd02ef1521907d3c1607444
SHA512: 19dc093ed92d7e58c40e4c65c8437efbc013c912ce7fa79017f830f862372b48a10d710b9867101a089f03c1ee283f607e766a7e7fb461cf040e89f03c3391e0
SSDEEP: 3072:53K1Pot8QcrD1W6c+5s7d2a+e874/MHiswK:53K1BXs7ca+e5UCsZ
Malware Config
Signatures
Files
3bf8155bd051945bf2e017311392ce5a03f5deef4cd02ef1521907d3c1607444.exe windows x86
6ecaccbdaa677de074c2673689b28fa2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BuildCommDCBAndTimeoutsW
SetConsoleOutputCP
GetModuleHandleA
IsDebuggerPresent
SetThreadAffinityMask
GetStringTypeW
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetTempFileNameA
HeapSize
Sleep
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
VerLanguageNameW
VerLanguageNameA
VirtualAlloc
GetProcAddress
GetLastError
GetVolumePathNameA
GetModuleFileNameW
ReadFile
MulDiv
GetComputerNameExA
HeapCreate
GetProcessHandleCount
SizeofResource
GlobalFindAtomA
SetHandleCount
VirtualFree
LocalFlags
GetTickCount
GetModuleHandleW
LockFile
SleepEx
GetNamedPipeHandleStateA
GetCurrentProcess
GetCPInfo
GetCommandLineW
MoveFileExA
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
WriteFile
ExitProcess
SetUnhandledExceptionFilter
DecodePointer
EncodePointer
HeapFree
HeapAlloc
IsProcessorFeaturePresent
RaiseException
GetStartupInfoW
HeapSetInformation
user32
GetShellWindow
CharToOemA
GetClipboardOwner
ValidateRect
GetKeyboardType
IsDlgButtonChecked
GetMessageA
RealGetWindowClassW
MapDialogRect
CreateDialogParamA
MonitorFromPoint
GetMenuItemID
GetParent
GetGuiResources
DdeGetData
CreateMenu
DlgDirListA
GetForegroundWindow
GetWindowPlacement
DlgDirListComboBoxA
GetDCEx
ScrollWindow
DestroyCaret
gdi32
DrawEscape
DeleteObject
Ellipse
DeleteMetaFile
EndDoc
DescribePixelFormat
comdlg32
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
ChooseColorW
PrintDlgExA
GetFileTitleA
GetFileTitleW
FindTextW
PrintDlgExW
PrintDlgW
GetSaveFileNameW
ReplaceTextW
PrintDlgA
ChooseFontA
GetOpenFileNameW
FindTextA
PageSetupDlgW
ChooseFontW
PageSetupDlgA
ReplaceTextA
CommDlgExtendedError
advapi32
CryptGenKey
CryptDecrypt
CryptCreateHash
CryptContextAddRef
oleaut32
VarI4FromCy
SafeArrayCreate
VarDecSu
VarNeg
SafeArrayGetDim
VariantChangeType
VarR8FromI2
SafeArrayRedim
SafeArrayAllocData
VarI1FromDisp
VarUI4FromUI1
LPSAFEARRAY_UserMarshal
VarCyFromI8
VarCyFromUI2
VarDecMul
VarUI8FromUI4
VarDecAdd
VarR4FromI8
VarI1FromI2
VarDateFromDec
VarCyAbs
SafeArrayUnaccessData
VarI2FromI1
VarFormatPercent
VarDecFromI2
VarUI2FromDec
VarI8FromBool
VarCyCmpR8
VarR4FromUI4
VarR4FromR8
VarI1FromUI2
VarFormatFromTokens
SafeArrayGetUBound
VarI1FromDate
VarFormatDateTime
VectorFromBstr
VarPow
VarCyFromR4
VarUI2FromStr
QueryPathOfRegTypeLi
VarCat
VarUI1FromR8
SysReAllocStringLen
VarFormatCurrency
VarUI1FromUI8
VarCyFromDate
VarUI2FromDate
VarR4FromStr
VarBstrFromI1
VarUI1FromCy
LPSAFEARRAY_UserUnmarshal
VarUdateFromDate
VarUI8FromR4
VarDateFromUI4
VarBstrFromI8
VarDecFromI1
VarI1FromStr
version
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeA
VerQueryValueW
VerInstallFileA
VerInstallFileW
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeW
VerFindFileW
Sections
.text Size: 28KB - Virtual size: 28KB (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ)
.rdata Size: 14KB - Virtual size: 14KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)
.data Size: 3KB - Virtual size: 6KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)
.1 Size: 512B - Virtual size: 8B (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE)
.rsrc Size: 73KB - Virtual size: 72KB (IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)
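The header and section listing above is what a practitioner reads for missing mitigations and odd layout: DllCharacteristics carries only IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE (so neither DYNAMIC_BASE nor NX_COMPAT is set), the file characteristics include IMAGE_FILE_RELOCS_STRIPPED, and one section has the non-standard name `.1`. The following stdlib-only Python is an added example, not code from the sandbox that produced this report: it pulls those fields directly out of the COFF header, optional header and section table and turns them into findings. The in-memory image it parses is constructed to mirror the listing's flags and section sizes; its raw offsets, virtual addresses and i386 machine type are assumptions, it contains no import table, and it is not the sample itself.

```python
"""Stdlib-only PE header triage (added example, not the sandbox's own code)."""
import struct

# IMAGE_FILE_HEADER.Characteristics
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
# IMAGE_OPTIONAL_HEADER.DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# IMAGE_SECTION_HEADER.Characteristics
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

COMMON_SECTION_NAMES = {".text", ".rdata", ".data", ".rsrc", ".reloc",
                        ".idata", ".edata", ".pdata", ".bss", ".tls", ".CRT"}


def parse_pe(buf: bytes) -> dict:
    """Parse e_lfanew, the COFF header, DllCharacteristics and the section table."""
    if buf[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", buf, 0x3C)[0]
    if buf[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _ts, _symptr, _nsym, opt_size, file_chars = struct.unpack_from("<HHIIIHH", buf, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", buf, opt)[0]
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", buf, opt + 70)[0]  # offset 70 in both PE32 and PE32+
    sections = []
    for i in range(nsec):
        name, vsize, va, rawsize, rawptr, _r, _l, _nr, _nl, chars = struct.unpack_from(
            "<8sIIIIIIHHI", buf, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"), "virtual_size": vsize,
                         "virtual_address": va, "raw_size": rawsize, "raw_pointer": rawptr,
                         "characteristics": chars})
    return {"machine": machine, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "sections": sections}


def triage(pe: dict) -> list:
    """Return findings on mitigations and section layout worth a second look."""
    findings = []
    fc, dc = pe["file_characteristics"], pe["dll_characteristics"]
    if not dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE:
        msg = "ASLR: DYNAMIC_BASE not set, image loads at its preferred base"
        if fc & IMAGE_FILE_RELOCS_STRIPPED:
            msg += " and RELOCS_STRIPPED means it cannot be rebased at all"
        findings.append(msg)
    if not dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        findings.append("DEP: NX_COMPAT not set, image does not opt in to DEP")
    for s in pe["sections"]:
        ch, name = s["characteristics"], s["name"]
        if ch & IMAGE_SCN_MEM_EXECUTE and ch & IMAGE_SCN_MEM_WRITE:
            findings.append(f"section {name!r} is writable and executable")
        if name not in COMMON_SECTION_NAMES:
            findings.append(f"section {name!r} has a non-standard name")
        if s["raw_size"] == 0 and s["virtual_size"] > 0:
            findings.append(f"section {name!r} has no raw data but {s['virtual_size']:#x} bytes virtual (filled at runtime)")
    return findings


def build_sample_image() -> bytes:
    """Constructed header-only PE32 mirroring the report's flags and section sizes.
    Raw offsets, virtual addresses and the i386 machine value are assumptions."""
    sections = [  # (name, virtual_size, virtual_address, raw_size, raw_pointer, characteristics)
        (b".text",  0x7000,  0x1000, 0x7000,  0x400,  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
        (b".rdata", 0x3800,  0x8000, 0x3800,  0x7400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
        (b".data",  0x1800,  0xC000, 0xC00,   0xAC00, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".1",     0x8,     0xE000, 0x200,   0xB800, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
        (b".rsrc",  0x12000, 0xF000, 0x12400, 0xBA00, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    ]
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: NT headers follow the DOS header directly
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0,
                       IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE)
    opt = bytearray(0xE0)  # PE32 optional header with all 16 data directories left empty
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, va, rs, rp, 0, 0, 0, 0, ch)
                     for n, vs, va, rs, rp, ch in sections)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


if __name__ == "__main__":
    for line in triage(parse_pe(build_sample_image())):
        print(line)
```

To run it against a real file, replace `build_sample_image()` with `open(path, "rb").read()`; the parser only touches the headers, so it works on the sample size here without loading anything into a loader.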