Static task: static1
Behavioral task: behavioral1
Sample: 8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0.exe
Resource: win7-20220812-en
General
Target: 8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0
Size: 129KB
MD5: 334bbeb43873d5464982389df3821094
SHA1: 61a8696cd2d12fe9f7e2eebb9726a168523fcf60
SHA256: 8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0
SHA512: fba22afcfc3cae551c883746ba7a507c909d4d4a3a99c0267470bb5ba9638b61bf40129944e6463bdb996d7e89d0868c692ac55820d3fe9c53aaadb9f8522d83
SSDEEP: 3072:Klgw177mTmSMyyhOYOfSh2wnebvS8wTyoaii:KdwknZq82+/hyH
Malware Config
Signatures
Files
8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0.exe windows x86
83b6fc061abe9f99a55d6b5afbfa3d08
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesA
GetFileInformationByHandle
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapCreate
HeapDestroy
HeapReAlloc
LCMapStringA
GetCurrentDirectoryA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
SetErrorMode
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
WaitForSingleObject
WideCharToMultiByte
_lclose
lstrcpynA
lstrlenA
lstrlenW
GetCommandLineW
GetCPInfo
GetACP
FreeLibrary
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateMutexA
CreateFileMappingA
LCMapStringW
CloseHandle
user32
MessageBoxA
SendMessageTimeoutA
GetWindowThreadProcessId
SetForegroundWindow
LoadCursorA
LoadIconA
LoadIconW
LoadStringA
gdi32
GetStockObject
GetObjectA
GetDeviceCaps
DeleteObject
CreateFontIndirectA
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
shlwapi
PathRemoveFileSpecA
StrStrIA
StrCmpIW
SHSetValueA
SHGetValueA
msvcrt
memcpy
_vsnprintf
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 95KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 778B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ