Static task
static1
Behavioral task
behavioral1
Sample
0ce338c46f4f088564bcedce97c3e8e4218a96dd51d59b7737410799af6744c3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0ce338c46f4f088564bcedce97c3e8e4218a96dd51d59b7737410799af6744c3.exe
Resource
win10v2004-20221111-en
General
-
Target
0ce338c46f4f088564bcedce97c3e8e4218a96dd51d59b7737410799af6744c3
-
Size
633KB
-
MD5
5a1ddb827e12deb8ec9d5dc91f473c50
-
SHA1
279783ebd6932d578a3463923b4afd048b3c834d
-
SHA256
0ce338c46f4f088564bcedce97c3e8e4218a96dd51d59b7737410799af6744c3
-
SHA512
cf2e29d8aa46561f3ca26dfb4a1a0dfbf4cedfda27a8993645e0d36a9d3d9007cc22ea882bf3bdd18130022794cf45cda7757c11b093143784a474869ea25695
-
SSDEEP
12288:7wmU9jQ/PuxrjsYXgbwBj1gk2KfS66jJHnRYlOGAXH:ejQ/PuxrjqEgTKfSt1sAX
Malware Config
Signatures
Files
-
0ce338c46f4f088564bcedce97c3e8e4218a96dd51d59b7737410799af6744c3.exe windows x86
49a060cf1861bec28fe77f66f5b79cae
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileSizeEx
GetFileTime
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitProcess
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
WritePrivateProfileStringA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
MulDiv
GetTickCount
lstrlenA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
FreeLibrary
HeapAlloc
SetLastError
IsDBCSLeadByteEx
SetFilePointer
ReadFile
GetFileSize
HeapFree
GetProcessHeap
GetModuleHandleA
FormatMessageA
GetLastError
DeleteFileA
CloseHandle
FindClose
FindFirstFileA
lstrlenW
GetFileAttributesA
WriteFile
CreateFileA
Sleep
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
LCMapStringW
WideCharToMultiByte
user32
RegisterClipboardFormatA
PostThreadMessageA
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
CharUpperA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
ReleaseDC
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
GetDC
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowTextA
GetWindowTextLengthA
IsWindow
SetForegroundWindow
MessageBoxA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconA
EnableWindow
gdi32
ExtSelectClipRgn
DeleteDC
GetStockObject
PtVisible
GetTextColor
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
GetBkColor
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateRectRgnIndirect
RectVisible
comdlg32
GetFileTitleA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CLSIDFromProgID
CoCreateInstance
CoInitialize
CoTaskMemFree
CoCreateGuid
CLSIDFromString
CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantChangeType
SysAllocStringByteLen
SysStringLen
VariantClear
SysAllocStringLen
SysFreeString
wininet
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetSetOptionA
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenA
Sections
.text Size: 292KB - Virtual size: 292KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 37.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ