Static task: static1
Behavioral task: behavioral1
  Sample: a8f2954c2524ed7894b071b05915b0b9a71d4d239da85fd9c6c17a64f963244d.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a8f2954c2524ed7894b071b05915b0b9a71d4d239da85fd9c6c17a64f963244d.exe
  Resource: win10v2004-20221111-en
General
Target: a8f2954c2524ed7894b071b05915b0b9a71d4d239da85fd9c6c17a64f963244d
Size: 284KB
MD5: 09ab0340fe5f9f7bcdc98bfb095d0963
SHA1: 16829538b61ceef73c9d3916e6bd88ff14c18a64
SHA256: a8f2954c2524ed7894b071b05915b0b9a71d4d239da85fd9c6c17a64f963244d
SHA512: 7a195707fc2a82e70c178b15ee1d23881bb0fabc9833918ced178501c2683af0d0275af7aeff80e5a6fda3abaaadfce628ffbfa8d1f4ca4d75567d0bc50c2609
SSDEEP: 6144:Zh5jFmdyFNhbduQbF4jLBCy/drTqergjXYP:ZhZEMHRumqjLBCkrTFgjIP
Malware Config
Signatures
Files
a8f2954c2524ed7894b071b05915b0b9a71d4d239da85fd9c6c17a64f963244d.exe windows x86
b60646fdf81bb6f7c378fc07cbbfed4e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetCapture
GetCursorPos
GetSystemMenu
SetWindowPos
ReuseDDElParam
GetWindowTextA
FillRect
DrawFocusRect
CloseClipboard
DefFrameProcA
GetClientRect
ShowCaret
IsZoomed
CallWindowProcA
GetWindowTextW
DrawIcon
DrawMenuBar
GetMenuItemCount
GetNextDlgGroupItem
LoadIconA
ClientToScreen
GetWindowTextLengthA
CreateCursor
SetMenu
IsWindowEnabled
UnhookWindowsHookEx
TranslateAcceleratorW
CreateDialogParamW
SetClipboardViewer
GetWindow
SetRectEmpty
SetRect
RegisterClassW
LoadStringW
GetParent
DrawTextExA
SetForegroundWindow
CreateDialogIndirectParamW
GetMenuStringA
ScreenToClient
PeekMessageW
SetWindowPlacement
DestroyCursor
MessageBoxW
DestroyWindow
GetDlgItemInt
EnumClipboardFormats
BringWindowToTop
PostQuitMessage
WindowFromPoint
MessageBoxA
GetClassLongA
FrameRect
TabbedTextOutA
SetScrollPos
GetClassNameA
GetSysColor
IntersectRect
PtInRect
CallWindowProcW
LoadMenuW
GetSystemMetrics
GetNextDlgTabItem
DestroyAcceleratorTable
ReleaseCapture
SendDlgItemMessageA
CharUpperA
CheckMenuItem
GetDlgCtrlID
GrayStringW
InsertMenuA
SetCursorPos
MapWindowPoints
GetWindowRgn
CallNextHookEx
ModifyMenuA
WaitForInputIdle
DefDlgProcA
SetWindowLongA
SetWindowContextHelpId
RedrawWindow
CopyAcceleratorTableA
GetClassInfoExW
TabbedTextOutW
SetDlgItemTextA
PostMessageW
RemoveMenu
UnionRect
GetTopWindow
IsDialogMessageW
PostMessageA
GetClassInfoA
ModifyMenuW
MoveWindow
GetTabbedTextExtentA
GetWindowDC
SetWindowsHookExA
GetWindowPlacement
LoadCursorA
GetFocus
IsMenu
IsIconic
SetActiveWindow
GetDesktopWindow
InsertMenuW
GrayStringA
SendMessageA
GetMenuStringW
SetFocus
GetSysColorBrush
UnregisterClassA
CreateWindowExA
GetActiveWindow
GetDlgItem
OpenClipboard
GetMessageA
DrawTextW
SetWindowsHookExW
GetMenu
EndPaint
SetCapture
SetMenuItemBitmaps
DefWindowProcA
SetPropA
SystemParametersInfoA
PostThreadMessageA
GetDC
ValidateRgn
GetClassInfoExA
GetDlgItemTextW
LoadBitmapW
DrawCaption
InvalidateRect
DrawFrameControl
UnregisterClassW
LoadImageA
CopyIcon
HideCaret
IsChild
MapDialogRect
GetClipboardFormatNameA
CreatePopupMenu
PeekMessageA
ValidateRect
wsprintfA
CreateCaret
DrawStateW
CharNextA
ChildWindowFromPoint
MessageBeep
wsprintfW
WaitMessage
DrawTextA
AdjustWindowRectEx
IsWindow
LoadAcceleratorsA
CreateMenu
EnumWindows
GetMessagePos
DestroyMenu
SetScrollInfo
CopyRect
DestroyIcon
GetKeyState
GetDCEx
GetMenuItemInfoA
EnableWindow
DrawEdge
ScrollWindow
TranslateMessage
EmptyClipboard
GetWindowRect
EnableMenuItem
KillTimer
TranslateAcceleratorA
GetSubMenu
GetMenuItemID
RegisterClipboardFormatW
TrackPopupMenu
SetPropW
DrawTextExW
ShowWindow
BeginDeferWindowPos
EqualRect
RegisterClassExA
GetMenuState
SetWindowTextA
GetMenuItemInfoW
RegisterWindowMessageA
GetClassNameW
SetWindowRgn
LoadMenuA
DestroyCaret
CreateAcceleratorTableW
SendMessageTimeoutA
OffsetRect
CheckMenuRadioItem
CreateAcceleratorTableA
EndDialog
GetForegroundWindow
ShowOwnedPopups
SetCursor
SetParent
UpdateWindow
SendMessageW
SendInput
GetMessageTime
DefWindowProcW
RegisterWindowMessageW
InvalidateRgn
BeginPaint
InflateRect
LoadCursorW
RegisterClipboardFormatA
GetMonitorInfoW
DispatchMessageW
DrawStateA
GetScrollPos
SetMenuDefaultItem
GetWindowLongA
WinHelpA
SetScrollRange
GetIconInfo
SetTimer
RegisterClassA
GetCursor
LockWindowUpdate
AppendMenuW
SystemParametersInfoW
DispatchMessageA
ShowScrollBar
GetMenuCheckMarkDimensions
CharNextW
IsWindowVisible
EndDeferWindowPos
GetPropA
SetDlgItemTextW
SetClipboardData
IsRectEmpty
EnumChildWindows
ReleaseDC
GetAsyncKeyState
RemovePropA
SetMenuItemInfoW
comctl32
ImageList_Write
PropertySheetA
ImageList_GetIcon
ImageList_EndDrag
ImageList_DragMove
ImageList_Replace
ImageList_Duplicate
PropertySheetW
ImageList_Add
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_Draw
ImageList_Destroy
ImageList_GetImageInfo
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_SetImageCount
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_Remove
ImageList_BeginDrag
CreateToolbarEx
ImageList_DragEnter
InitCommonControlsEx
ImageList_AddMasked
ord17
CreateStatusWindowW
ImageList_SetOverlayImage
_TrackMouseEvent
ImageList_Read
ImageList_Create
ImageList_GetIconSize
ImageList_DragShowNolock
kernel32
CreateProcessW
GetUserDefaultLangID
SetEndOfFile
GlobalFree
DuplicateHandle
GetTempFileNameA
LocalReAlloc
LCMapStringW
GetCurrentDirectoryW
PeekNamedPipe
WriteFile
GetStringTypeA
lstrcpyA
GetEnvironmentStringsW
GetCurrentThreadId
GetOEMCP
lstrcmpA
HeapReAlloc
GetACP
GetFileTime
GlobalReAlloc
CreateDirectoryA
LocalFileTimeToFileTime
GetConsoleOutputCP
GetFileAttributesExA
IsDebuggerPresent
GetLogicalDrives
IsBadCodePtr
FindClose
LocalFree
InterlockedIncrement
GetProcAddress
GetStartupInfoW
GetExitCodeProcess
GetCommandLineA
TlsFree
FlushFileBuffers
DeleteCriticalSection
SetCurrentDirectoryA
LoadLibraryA
Thread32First
FormatMessageA
VirtualQuery
GetModuleHandleA
SizeofResource
GetUserDefaultLCID
LCMapStringA
FileTimeToDosDateTime
GlobalSize
OpenMutexA
HeapCreate
GetSystemTime
lstrcmpW
GetCurrentDirectoryA
MultiByteToWideChar
GetTickCount
GetCurrentProcess
GetStdHandle
GetPrivateProfileStringA
GetModuleFileNameW
OutputDebugStringA
LeaveCriticalSection
GetDateFormatA
GetFullPathNameA
GetCommandLineW
VirtualAlloc
PulseEvent
GetModuleFileNameA
TlsAlloc
lstrlenW
TlsSetValue
ExitProcess
GetCurrentThread
InterlockedExchange
CreateEventA
CreateThread
GlobalAlloc
Thread32Next
WritePrivateProfileStringA
WideCharToMultiByte
LoadLibraryExW
GetProcessVersion
EnumSystemLocalesA
CopyFileA
GetFileType
CreateFileW
SetEnvironmentVariableA
HeapFree
CloseHandle
GlobalAddAtomW
GetStringTypeW
CompareStringA
LoadLibraryW
lstrcpynW
FreeResource
QueryPerformanceFrequency
SetStdHandle
RaiseException
GlobalDeleteAtom
GetSystemTimeAsFileTime
GetThreadPriority
SetFilePointer
GetVersionExA
ResumeThread
LockResource
ExitThread
InterlockedCompareExchange
GetSystemInfo
SetEvent
InitializeCriticalSection
VirtualProtect
FatalAppExitA
TerminateThread
FreeEnvironmentStringsW
QueryPerformanceCounter
SetThreadPriority
EnumResourceLanguagesA
GetFileSize
HeapSize
EnterCriticalSection
WaitForMultipleObjects
IsBadReadPtr
GetThreadLocale
LocalAlloc
DeleteFileW
UnhandledExceptionFilter
GlobalAddAtomA
GetLastError
MulDiv
CreateFileMappingA
SetUnhandledExceptionFilter
CreateEventW
WriteConsoleW
ReleaseMutex
UnmapViewOfFile
RemoveDirectoryW
FindNextFileA
ReadFile
FreeEnvironmentStringsA
GlobalHandle
CreateFileA
LoadResource
MoveFileA
GetVersion
WaitForSingleObject
IsValidCodePage
SetHandleCount
MapViewOfFile
OpenFileMappingA
FindResourceExA
VirtualUnlock
GetSystemDefaultLangID
lstrcpyW
FileTimeToSystemTime
GetCPInfo
GlobalFlags
lstrcmpiA
ConvertDefaultLocale
GetShortPathNameA
DeleteFileA
InterlockedDecrement
GetTempPathA
GetSystemDirectoryW
GetProcessHeap
FindFirstFileA
FreeLibrary
VirtualFree
SetLastError
CreateMutexA
ResetEvent
GetProfileStringA
GetDateFormatW
GetTimeZoneInformation
CreateMutexW
GlobalFindAtomA
DeviceIoControl
TlsGetValue
LockFile
GetLocalTime
GetConsoleCP
GetShortPathNameW
UnlockFile
GetWindowsDirectoryW
lstrcpynA
GlobalUnlock
RtlUnwind
GetEnvironmentStrings
GetTempPathW
GetStartupInfoA
GetFullPathNameW
lstrlenA
Sleep
TerminateProcess
IsBadWritePtr
HeapAlloc
CreateFileMappingW
GetCurrentProcessId
CompareStringW
WriteConsoleA
HeapDestroy
GetVolumeInformationW
SetErrorMode
GetExitCodeThread
gdi32
GetColorAdjustment
GetMiterLimit
CreateEllipticRgn
EndPath
PlayMetaFileRecord
SetPixelV
ExtFloodFill
DPtoLP
Pie
GetDIBits
PathToRegion
OffsetViewportOrgEx
PolyBezierTo
StrokeAndFillPath
GetTextExtentPointA
CreateDCA
SetBrushOrgEx
EndPage
GetTextExtentPoint32W
EndDoc
CreatePalette
ExtTextOutW
GetTextCharsetInfo
CreatePatternBrush
PolyPolyline
SetMapMode
Ellipse
SaveDC
GetROP2
GetGraphicsMode
PlgBlt
GetTextMetricsW
CreatePolygonRgn
GetDeviceCaps
CreateEllipticRgnIndirect
GetPolyFillMode
GetClipBox
UpdateColors
LineTo
SetDIBColorTable
SetWindowExtEx
GetBoundsRect
CreateCompatibleDC
GetSystemPaletteEntries
SetBkMode
PlayMetaFile
GetBrushOrgEx
PaintRgn
GetPixel
ExcludeClipRect
PolyBezier
EnumFontFamiliesA
DrawEscape
StretchDIBits
ArcTo
ExtTextOutA
Polygon
SetDIBitsToDevice
GetTextColor
GetCharWidthA
CreateDIBSection
GetObjectW
GetFontData
AbortPath
DeleteObject
GetStretchBltMode
GetTextFaceA
ExtCreatePen
CreateDIBPatternBrushPt
ModifyWorldTransform
CreatePen
EnumObjects
GetAspectRatioFilterEx
SetPixel
UnrealizeObject
CreateFontA
GetNearestPaletteIndex
GetCharWidthW
Polyline
SelectPalette
RoundRect
SetPaletteEntries
GetBkColor
TextOutA
CreateDIBitmap
SetRectRgn
AngleArc
OffsetWindowOrgEx
SetDIBits
GetDCOrgEx
GetPath
CreateFontIndirectW
GetNearestColor
GetEnhMetaFileHeader
SetTextColor
GetStockObject
ExtCreateRegion
SetWindowOrgEx
CopyMetaFileA
DeleteMetaFile
CloseEnhMetaFile
RestoreDC
GetOutlineTextMetricsA
WidenPath
GetClipRgn
StartDocA
PolyDraw
OffsetClipRgn
TranslateCharsetInfo
CreateRectRgnIndirect
PtVisible
EnumFontFamiliesExA
ScaleViewportExtEx
FillRgn
GetGlyphOutlineW
CreateDiscardableBitmap
BitBlt
SelectObject
GetRegionData
GetMapMode
CreateDCW
OffsetRgn
ScaleWindowExtEx
SelectClipRgn
GdiFlush
GetViewportExtEx
DeleteDC
GetCharABCWidthsW
CombineRgn
GetObjectType
SetViewportOrgEx
GetCharABCWidthsFloatA
GetTextAlign
GetRgnBox
GetTextExtentExPointW
RectInRegion
EnumMetaFile
GetGlyphOutlineA
BeginPath
MoveToEx
GetWindowExtEx
StartPage
CreateCompatibleBitmap
FlattenPath
RectVisible
GetTextExtentPoint32A
GetCharABCWidthsA
SetGraphicsMode
CreateRectRgn
GetBkMode
SetStretchBltMode
RealizePalette
GetTextMetricsA
SetPolyFillMode
GetCharABCWidthsFloatW
CopyMetaFileW
AnimatePalette
GetCurrentObject
SetMiterLimit
PtInRegion
AbortDoc
DeleteEnhMetaFile
CreateICA
Escape
PlayEnhMetaFile
CreateSolidBrush
SetAbortProc
SetTextCharacterExtra
SetMapperFlags
CreateFontIndirectA
EqualRgn
Arc
FrameRgn
GdiComment
LPtoDP
GetObjectA
PatBlt
StretchBlt
CreateEnhMetaFileA
IntersectClipRect
SetBkColor
GetViewportOrgEx
SetViewportExtEx
SetTextJustification
SetROP2
SetColorAdjustment
CreateBitmapIndirect
GetKerningPairsA
SetTextAlign
Rectangle
TextOutW
CreateBitmap
GetCurrentPositionEx
CreateRoundRectRgn
ExtSelectClipRgn
GetPaletteEntries
GetCharWidthFloatA
advapi32
GetTokenInformation
DeleteService
OpenServiceA
CreateServiceA
OpenServiceW
RegCreateKeyExW
DuplicateToken
OpenThreadToken
RegDeleteKeyA
RegDeleteValueA
RegOpenCurrentUser
CryptAcquireContextA
CloseServiceHandle
RegCreateKeyA
RegOpenKeyExA
OpenSCManagerA
RegOpenKeyA
RegEnumValueW
CryptDestroyHash
RegEnumKeyExA
AdjustTokenPrivileges
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
DeleteAce
OpenSCManagerW
RegisterServiceCtrlHandlerW
CryptEncrypt
InitializeSecurityDescriptor
StartServiceA
CryptReleaseContext
AddAce
GetUserNameA
RegDeleteKeyW
RegQueryValueExA
RegFlushKey
DeregisterEventSource
RegQueryValueA
CryptDeriveKey
CryptHashData
OpenProcessToken
FreeSid
CryptCreateHash
RegisterServiceCtrlHandlerA
RegDeleteValueW
StartServiceCtrlDispatcherW
RegSetValueExW
RegQueryInfoKeyA
GetLengthSid
RegSetValueExA
RegQueryInfoKeyW
SetSecurityDescriptorDacl
InitializeAcl
LookupPrivilegeValueW
LookupPrivilegeValueA
RegisterEventSourceW
ChangeServiceConfigA
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
ControlService
shlwapi
PathIsURLW
PathFindExtensionW
PathRenameExtensionW
PathIsRootW
UrlCanonicalizeW
UrlCreateFromPathW
PathIsDirectoryW
PathRemoveFileSpecW
StrCmpIW
PathFindFileNameW
UrlIsW
PathCreateFromUrlW
PathStripToRootW
PathCanonicalizeW
PathFileExistsW
PathIsUNCW
PathAddBackslashW
PathIsRelativeW
PathRemoveExtensionW
PathCombineW
shell32
SHAppBarMessage
DragQueryFileA
SHFileOperationA
ord155
ShellExecuteW
DragAcceptFiles
ShellExecuteA
SHGetFolderPathW
DragFinish
SHGetPathFromIDListA
ShellExecuteExW
SHBrowseForFolderA
SHChangeNotify
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
Sections
.text Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
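Added example, not part of this sandbox report or any vendor tooling: a Python triage helper that parses an Imports listing in the flat layout used above (DLL name on its own line, one API per line, ordinals as ordNN), tags capability clusters from the API names, computes a pefile-style imphash over the listed order, and checks the Sections and File Characteristics printed above for packer- and mitigation-relevant traits. The embedded input is a constructed subset of the names this report lists; the cluster names, groupings and thresholds are the example's own assumptions. Because a report may not list imports in import-directory order, the computed imphash is not asserted to equal any value on this page.

```python
"""Triage helpers over the static PE data in this report (added example, not
sandbox tooling; cluster names, groupings and thresholds are assumptions)."""
import hashlib
import re

# Constructed input in the report's own layout (DLL on its own line, then one
# API per line): a subset of the Imports listed above, picked for triage value.
REPORT_IMPORTS = """
user32
SetWindowsHookExA
CallNextHookEx
comctl32
ord17
kernel32
IsDebuggerPresent
Thread32First
Thread32Next
VirtualProtect
advapi32
OpenSCManagerA
CreateServiceA
StartServiceA
OpenProcessToken
AdjustTokenPrivileges
CryptAcquireContextA
CryptDeriveKey
CryptEncrypt
shell32
ord155
"""

# Section table (name, raw KB, virtual KB, flags) and characteristics as printed above.
SECTIONS = [
    (".text", 64, 62, {"IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_READ"}),
    (".rdata", 104, 100, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
    (".data", 92, 116, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"}),
    (".rsrc", 20, 18, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
]
FILE_CHARACTERISTICS = {"IMAGE_FILE_RELOCS_STRIPPED", "IMAGE_FILE_EXECUTABLE_IMAGE",
                        "IMAGE_FILE_LINE_NUMS_STRIPPED", "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
                        "IMAGE_FILE_32BIT_MACHINE"}

# Capability clusters (assumed groupings). Imports show what the code can call,
# not what it does: GUI-heavy binaries legitimately link most of these.
RULES = {
    "service install/control": {("advapi32", n) for n in (
        "OpenSCManagerA", "OpenSCManagerW", "CreateServiceA", "StartServiceA", "DeleteService")},
    "privilege adjustment": {("advapi32", n) for n in (
        "OpenProcessToken", "LookupPrivilegeValueA", "LookupPrivilegeValueW", "AdjustTokenPrivileges")},
    "CryptoAPI encryption with derived key": {("advapi32", n) for n in (
        "CryptAcquireContextA", "CryptCreateHash", "CryptHashData", "CryptDeriveKey", "CryptEncrypt")},
    "message hook (keylogging/injection vector)": {("user32", n) for n in (
        "SetWindowsHookExA", "SetWindowsHookExW", "CallNextHookEx")},
    "thread enumeration": {("kernel32", "Thread32First"), ("kernel32", "Thread32Next")},
    "debugger check": {("kernel32", "IsDebuggerPresent")},
    "runtime code patching": {("kernel32", "VirtualAlloc"), ("kernel32", "VirtualProtect")},
}


def parse_imports(text):
    """[(dll, api), ...] in listing order. A DLL header is all lowercase letters
    and digits in this layout; 'ordNN' lines are ordinal imports, not DLLs."""
    out, dll = [], None
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        if re.fullmatch(r"[a-z][a-z0-9]*", line) and not re.fullmatch(r"ord\d+", line):
            dll = line
        elif dll is not None:
            out.append((dll, line))
    return out


def imphash(imports):
    """pefile-style imphash: MD5 of comma-joined 'dll.api' (lowercase, .dll/.ocx/.sys
    dropped, ordinals kept as 'ordNN') in import order. pefile also maps ordinals to
    names for oleaut32/ws2_32/wsock32, which this subset does not need."""
    pairs = [f"{re.sub(r'[.](dll|ocx|sys)$', '', d.lower())}.{a.lower()}" for d, a in imports]
    return hashlib.md5(",".join(pairs).encode()).hexdigest()


def tag_capabilities(imports):
    """Capability -> sorted matched APIs; clusters with no hit are omitted."""
    present = set(imports)
    return {cap: sorted(a for _, a in apis & present)
            for cap, apis in RULES.items() if apis & present}


def section_findings(sections, characteristics):
    """Packer and mitigation observations that header data alone supports."""
    notes = []
    for name, _raw_kb, _virt_kb, flags in sections:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= flags:
            notes.append(f"{name}: writable and executable (self-modifying code or unpacker stub)")
    if "IMAGE_FILE_RELOCS_STRIPPED" in characteristics:
        notes.append("relocations stripped, no .reloc section: the image cannot be rebased, so "
                     "ASLR does not apply to it (addresses are stable across runs)")
    return notes


if __name__ == "__main__":
    imps = parse_imports(REPORT_IMPORTS)
    print("imphash over listed order:", imphash(imps))
    print(tag_capabilities(imps))
    print("\n".join(section_findings(SECTIONS, FILE_CHARACTERISTICS)))
```

The cluster hits are intent indicators, not verdicts: the same advapi32 and user32 surface is linked by ordinary GUI installers, which is why the two behavioral tasks at the top of this report exist. The imphash is computed over the order in which the imports are listed; if the sandbox's listing order differs from the binary's import directory order, the value will not match an imphash taken from the file itself, so treat it as a demonstration of the algorithm rather than a pivot value. The relocation note is the one header-only finding that matters for exploitation and detection: with IMAGE_FILE_RELOCS_STRIPPED and no .reloc section, code and data addresses are fixed on every run.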