Static task
static1
Behavioral task
behavioral1
Sample
a4cd2eb280d54988e51f646ac6b968ed2ba9d967fabaef7ffd915bd4c8414270.exe
Resource
win7-20220812-en
General
Target
a4cd2eb280d54988e51f646ac6b968ed2ba9d967fabaef7ffd915bd4c8414270
Size
285KB
MD5
05bd3bb991118079ae1442a4afe73ccb
SHA1
9070ad04e93a0e3ca2c1615f522ec52e837e5fb8
SHA256
a4cd2eb280d54988e51f646ac6b968ed2ba9d967fabaef7ffd915bd4c8414270
SHA512
5017dd33390a2f629e2f7808607ecb3f4076eba066b91845445f3728de433dae39670042ec494a9712e6097ad1eb3e000a9ad185839c9f6d62bbacb0c8fbca97
SSDEEP
6144:sY4Tpn38P6hbPNCOK+DpYTclQ2mAmOKFYd8NMGkZaabWSYkYs4Mg2:iS6hbVb1ijA888NMZfbCkt4
Malware Config
Signatures
Files
a4cd2eb280d54988e51f646ac6b968ed2ba9d967fabaef7ffd915bd4c8414270.exe windows x86
8f996a278416655ce7469c970dccd50d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
EncodePointer
IsWow64Process
GetSystemTimeAsFileTime
FindAtomW
UnmapViewOfFile
LoadLibraryW
SetUnhandledExceptionFilter
InterlockedCompareExchange
MapViewOfFile
QueryDosDeviceW
QueryPerformanceCounter
EnterCriticalSection
EnumResourceLanguagesW
FindNextFileW
GetFileSizeEx
Sleep
ReleaseMutex
GetConsoleCursorMode
GetLogicalDriveStringsW
FindFirstFileW
WaitForSingleObject
UnhandledExceptionFilter
GetTickCount
FindClose
SetFileAttributesW
CreateFileMappingW
OpenProcess
CreateMutexW
setupapi
CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status
shlwapi
PathGetArgsW
PathIsUNCW
SHRegGetValueW
PathSkipRootW
StrDupW
PathFindFileNameW
advapi32
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
EncryptFileW
RegQueryValueExW
RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyW
DecryptFileW
RegCloseKey
Sections
.text Size: 140KB - Virtual size: 271KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 141KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ