Static task: static1
Behavioral task: behavioral1
  Sample: e61448eafc85689c8e2eb6622bf8675230968654510a7720cb7e10874e0cf3af.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: e61448eafc85689c8e2eb6622bf8675230968654510a7720cb7e10874e0cf3af.exe
  Resource: win10v2004-20221111-en
General
- Target: e61448eafc85689c8e2eb6622bf8675230968654510a7720cb7e10874e0cf3af
- Size: 308KB
- MD5: 23593c82ae440590d4c9a0a94f7579f0
- SHA1: 97190bf0c30743ad89596b35708c36d2c5e312c1
- SHA256: e61448eafc85689c8e2eb6622bf8675230968654510a7720cb7e10874e0cf3af
- SHA512: 53e86e367d77c26d2c8bc21840b5f89778a8e9b80981ca53df9dcc379b163859c8054d4efe639a81c860284caffb1f5870e3ddcd2b782b39fd590fdeee255640
- SSDEEP: 3072:KEYEyrGLLwOkFLEJ+0udjo85Ag0FuAYmwQ/+fN1lKTP5luhZjIY:RLLsB0YAOAc/YRwIY
Malware Config
Signatures
Files
- e61448eafc85689c8e2eb6622bf8675230968654510a7720cb7e10874e0cf3af.exe (windows x86)
  cf21cb636de0c5206c2aec58911ff1cd
Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
GetClassLongA
CharUpperBuffA
GetKeyboardType
LoadStringA
MessageBoxA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMenuStringW
GetMenuStringA
GetMenuState
GetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetWindowPlacement
GetClassInfoW
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateMDIWindowW
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharPrevW
CharNextW
CharLowerBuffW
CallWindowProcW
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
AttachThreadInput
CharPrevA
CharNextA
CharLowerBuffA
CharLowerA
shell32
ShellExecuteW
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHBrowseForFolderA
ShellExecuteA
wininet
InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
comctl32
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ord17
_TrackMouseEvent
kernel32
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapAlloc
GetTimeZoneInformation
HeapFree
TlsFree
TlsAlloc
GetModuleHandleW
IsValidCodePage
GetOEMCP
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
Sleep
VirtualFree
lstrlenA
lstrcpynA
LoadLibraryExA
GetStartupInfoA
GetCommandLineA
ExitProcess
ExitThread
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetFileSize
GetFileType
TlsSetValue
TlsGetValue
LocalAlloc
lstrlenW
lstrcpyA
lstrcmpA
WritePrivateProfileStringA
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualAlloc
SizeofResource
SetLastError
SetFilePointer
SetEvent
SetErrorMode
HeapSize
ResumeThread
ResetEvent
ReleaseMutex
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LocalFree
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalGetAtomNameA
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetVersion
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetTempPathW
GetTempPathA
GetStringTypeExW
GetStringTypeExA
GetStdHandle
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileAttributesW
GetFileAttributesA
GetExitCodeThread
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetComputerNameA
GetCommandLineW
GetCPInfo
GetACP
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
SetEndOfFile
GetTimeFormatA
CloseHandle
VirtualAllocEx
OpenProcess
GetCurrentProcessId
CreateIoCompletionPort
SetThreadLocale
GetSystemPowerStatus
BackupSeek
GlobalMemoryStatusEx
SetVolumeLabelA
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
EnumCalendarInfoA
FindClose
FindFirstFileA
FindFirstFileW
FindResourceA
FormatMessageA
FormatMessageW
FreeLibrary
FreeResource
Sections
- .text: Size 116KB, Virtual size 115KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: Size 35KB, Virtual size 35KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: Size 112KB, Virtual size 196KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: Size 44KB, Virtual size 43KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
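The script below is an added example and is not part of the sandbox report. It transcribes the header flags, the section table and a subset of the import table from the lists above into Python and runs the checks an analyst would otherwise make by eye: mitigation opt-outs (no DYNAMIC_BASE together with IMAGE_FILE_RELOCS_STRIPPED means the loader cannot randomise the image; no NX_COMPAT means it has not opted in to DEP), writable-and-executable or memory-only sections, import clusters (download, drop to the temp directory, launch, remote allocation), and whether IsDebuggerPresent is more likely the MSVC CRT's own import than a deliberate anti-debug check. The cluster names, the CRT_STARTUP heuristic and the "review" verdicts are this example's own assumptions; nothing here opens or executes the sample.

```python
# Added static-triage example over the report figures; not part of the report.
# All constants below are transcribed from the Headers, Imports and Sections
# lists on the page. The import set is reduced to the names the checks consult.

DLL_CHARACTERISTICS = {"IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
FILE_CHARACTERISTICS = {
    "IMAGE_FILE_RELOCS_STRIPPED",
    "IMAGE_FILE_EXECUTABLE_IMAGE",
    "IMAGE_FILE_32BIT_MACHINE",
}

# name -> (raw size KB, virtual size KB, flags), as printed in the report.
SECTIONS = {
    ".text": (116, 115, {"IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_READ"}),
    ".rdata": (35, 35, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
    ".data": (112, 196, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"}),
    ".rsrc": (44, 43, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
}

IMPORTS = {
    "kernel32": {
        "IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
        "TerminateProcess", "GetSystemTimeAsFileTime", "QueryPerformanceCounter",
        "GetTickCount", "GetCurrentProcessId", "GetCurrentThreadId",
        "OpenProcess", "VirtualAllocEx", "LoadLibraryA", "GetProcAddress",
        "GetTempPathW", "CreateFileW", "WriteFile", "WritePrivateProfileStringA",
    },
    "user32": {"ExitWindowsEx", "GetClipboardData", "CallNextHookEx"},
    "shell32": {"ShellExecuteW", "ShellExecuteA"},
    "wininet": {"InternetOpenW", "InternetOpenUrlW", "InternetReadFile", "InternetCloseHandle"},
}

# Heuristic (this example's assumption): the MSVC CRT imports this group on its
# own for crash reporting and security-cookie seeding, so when the whole group
# is present IsDebuggerPresent by itself is weak evidence of anti-debugging.
CRT_STARTUP = {
    "IsDebuggerPresent", "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
    "TerminateProcess", "GetSystemTimeAsFileTime", "QueryPerformanceCounter",
    "GetTickCount", "GetCurrentProcessId", "GetCurrentThreadId",
}

# Capability clusters (example's own labels): "all" needs every name, "any" one.
CLUSTERS = {
    "download":        ("all", {"wininet!InternetOpenUrlW", "wininet!InternetReadFile"}),
    "drop-to-temp":    ("all", {"kernel32!GetTempPathW", "kernel32!CreateFileW", "kernel32!WriteFile"}),
    "launch":          ("any", {"shell32!ShellExecuteW", "shell32!ShellExecuteA"}),
    "remote-alloc":    ("all", {"kernel32!OpenProcess", "kernel32!VirtualAllocEx"}),
    "remote-write":    ("any", {"kernel32!WriteProcessMemory", "kernel32!CreateRemoteThread"}),
    "dynamic-resolve": ("all", {"kernel32!LoadLibraryA", "kernel32!GetProcAddress"}),
    "logoff-or-reboot": ("any", {"user32!ExitWindowsEx"}),
}


def hardening_findings(dll_chars, file_chars, sections):
    """Mitigation opt-outs and section oddities readable from the headers alone."""
    findings = []
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in dll_chars:
        findings.append("no DYNAMIC_BASE: not ASLR-compatible")
    if "IMAGE_FILE_RELOCS_STRIPPED" in file_chars:
        findings.append("relocations stripped: cannot be rebased")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in dll_chars:
        findings.append("no NX_COMPAT: not opted in to DEP")
    for name, (raw_kb, virt_kb, flags) in sections.items():
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= flags:
            findings.append(f"{name}: writable and executable")
        # Code that exists only in memory (raw 0, virtual > 0) is the usual
        # unpacker-stub layout. Virtual > raw on a writable data section, as
        # with .data here, is ordinary uninitialised storage and is not flagged.
        if "IMAGE_SCN_MEM_EXECUTE" in flags and raw_kb == 0 and virt_kb > 0:
            findings.append(f"{name}: executable section with no raw data")
    return findings


def capability_clusters(imports):
    """Return label -> sorted matched names for every cluster that is satisfied."""
    present = {f"{dll}!{fn}" for dll, fns in imports.items() for fn in fns}
    hits = {}
    for label, (mode, names) in CLUSTERS.items():
        matched = names & present
        if (mode == "all" and matched == names) or (mode == "any" and matched):
            hits[label] = sorted(matched)
    return hits


def anti_debug_verdict(imports):
    """'none', 'likely CRT artifact', or 'review' for IsDebuggerPresent."""
    k32 = imports.get("kernel32", set())
    if "IsDebuggerPresent" not in k32:
        return "none"
    deliberate = {"CheckRemoteDebuggerPresent", "OutputDebugStringA", "OutputDebugStringW"}
    if CRT_STARTUP <= k32 and not (deliberate & k32):
        return "likely CRT artifact"
    return "review"


def triage(dll_chars=DLL_CHARACTERISTICS, file_chars=FILE_CHARACTERISTICS,
           sections=SECTIONS, imports=IMPORTS):
    hits = capability_clusters(imports)
    return {
        "hardening": hardening_findings(dll_chars, file_chars, sections),
        "clusters": hits,
        # Allocating in another process without any write or thread-creation
        # import is incomplete injection tooling; with GetProcAddress imported
        # the missing calls could be resolved at run time, so it stays "review".
        "remote_alloc_without_write": "remote-alloc" in hits and "remote-write" not in hits,
        "anti_debug": anti_debug_verdict(imports),
    }


if __name__ == "__main__":
    for key, value in triage().items():
        print(f"{key}: {value}")
```

Run as-is to see the verdicts for the figures on this page; to reuse it on another report, replace the transcribed constants (or call `triage()` with your own sets) and extend CLUSTERS with the API pairs you care about. The clusters only say which calls are statically importable together; confirming that the sample actually uses them in that combination needs the behavioural run, not the import table.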