Static task
static1
Behavioral task
behavioral1
Sample
HoAlTUYCD.exe
Resource
win7-20221111-en
General
-
Target
MDE_File_Sample_dc4d334d6c6969514c14f4b232e08ba31583ce35.zip
-
Size
2.2MB
-
MD5
feb8b253a65014970d3e2f42ad4c4889
-
SHA1
82d151dfe0d1f8e47740a3c0f2ed47dd38c726c3
-
SHA256
e9c914d974bd3bf53477fbc789b0ec9fdd2178fc7f76f3816142ea1b32cd14bc
-
SHA512
29b4aacb3850153aeb2f0153bc9c1a71022c400348d2163385d352a55c311e0562e7a3122219fb3a2621ccfc4d4b791ce8537235a0007fb4f0f5bfba1a2fe79e
-
SSDEEP
49152:fQMevo8cr9tBKvt047Bs8DFCcv2VLGjYhwXW8bMPoAleXz4rD4RH:YMevIMa4ihTGz5TAey45
Malware Config
Signatures
Files
-
MDE_File_Sample_dc4d334d6c6969514c14f4b232e08ba31583ce35.zip.zip
Password: infected
-
HoAlTUYCD.exe.exe windows x86
Password: infected
407e3b5378b3b0b56c578f72b3227fa9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
ReleaseDC
gdi32
CreateDCA
Sections
.MPRESS1 Size: 2.2MB - Virtual size: 6.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE