Static task: static1
Behavioral task: behavioral1
Sample: 1c9c11f413068923b5c24b36d2e3efa253deef989a7f3fd5c25b12d92fcff536.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 1c9c11f413068923b5c24b36d2e3efa253deef989a7f3fd5c25b12d92fcff536.exe
Resource: win10v2004-20221111-en
General
Target: 1c9c11f413068923b5c24b36d2e3efa253deef989a7f3fd5c25b12d92fcff536
Size: 310KB
MD5: 2ede316bd717b9d7ca25707a4fa40b5f
SHA1: 0db30d9ca51d6874b07dcca4ba7101fe843d9aab
SHA256: 1c9c11f413068923b5c24b36d2e3efa253deef989a7f3fd5c25b12d92fcff536
SHA512: 006869a386df1c86bc2729a98f81e3ff8d3b5a7aceb85a97f803707a7f4d16912bacc5bdb2e9e54f3820b3872623da4163ebda5b68cb8e8a41e15d606bd115f9
SSDEEP: 3072:FSl6EaT2Tip/qJ3sP/gsVlpgyaMGdwj4y2/scaALUX9+gkcJYd1WYykLBA11fSDZ:FGGVHgyw0cah9RxYTWSV6w20z3cvHA
Malware Config
Signatures
Files
1c9c11f413068923b5c24b36d2e3efa253deef989a7f3fd5c25b12d92fcff536.exe  windows x86  Imphash: b85bb1b44c8ed80af43da3274a59d038
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnableMenuItem
CheckMenuRadioItem
ShowWindowAsync
GetRawInputDeviceList
MessageBoxExW
LockWorkStation
GetUpdateRgn
LoadImageW
GetWindowLongW
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
OpenClipboard
MoveWindow
GetMenuStringW
GetMenuItemCount
CloseClipboard
CheckMenuItem
GetCursorPos
GetParent
GetSysColor
SetClipboardData
GetMenu
EnableWindow
MapWindowPoints
GetSubMenu
GetDC
EmptyClipboard
DlgDirSelectExW
InsertMenuItemW
ReleaseDC
GetClassNameW
ModifyMenuW
GetMenuItemInfoW
GetDlgCtrlID
ScreenToClient
TileWindows
DrawStateA
SendNotifyMessageW
DestroyWindow
GetMessageA
AllowSetForegroundWindow
UnhookWinEvent
GetRawInputDeviceInfoW
TabbedTextOutW
DestroyMenu
DestroyCursor
ClipCursor
DragObject
LockWindowUpdate
version
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
kernel32
GlobalDeleteAtom
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualQuery
GetSystemInfo
VirtualProtect
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InitializeCriticalSection
UnhandledExceptionFilter
TerminateProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
HeapReAlloc
VirtualAlloc
VirtualFree
HeapFree
DeleteCriticalSection
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
EscapeCommFunction
GetNamedPipeHandleStateA
ConvertFiberToThread
GetThreadPriorityBoost
IsProcessInJob
LocalCompact
CreateFiber
GetFileAttributesExW
AssignProcessToJobObject
GetFileType
GetModuleFileNameW
RemoveVectoredExceptionHandler
EncodePointer
CreateJobSet
GetNamedPipeInfo
GetProcessTimes
SetCommBreak
GetThreadTimes
SetMailslotInfo
GetCurrentThreadId
SetHandleInformation
GetExitCodeProcess
SetSystemPowerState
GetFileInformationByHandle
GetThreadSelectorEntry
CreateTimerQueue
DisableThreadLibraryCalls
FlushViewOfFile
IsWow64Process
GetCommTimeouts
GetStdHandle
AreFileApisANSI
GetThreadContext
TlsGetValue
GetThreadPriority
SetProcessWorkingSetSize
ConvertThreadToFiber
GetNamedPipeHandleStateW
FlushInstructionCache
PostQueuedCompletionStatus
GetLastError
PeekNamedPipe
SetFileApisToOEM
InitAtomTable
ReleaseMutex
GetModuleFileNameA
FindNextChangeNotification
GetCommandLineA
ReleaseSemaphore
FreeUserPhysicalPages
GlobalUnWire
UpdateResourceW
GetCommModemStatus
GetProcessVersion
CreateIoCompletionPort
ResetWriteWatch
ContinueDebugEvent
DeactivateActCtx
PulseEvent
DeleteAtom
RequestWakeupLatency
GetProcessHeap
SetInformationJobObject
SetLastError
CreateMemoryResourceNotification
MulDiv
SetPriorityClass
GetVersion
GetCurrentThread
GlobalCompact
DisconnectNamedPipe
MapUserPhysicalPagesScatter
GetProcessPriorityBoost
MapUserPhysicalPages
GetCurrentProcess
IsSystemResumeAutomatic
GetPriorityClass
SetTapeParameters
PrepareTape
GetWriteWatch
CreateFileMappingW
GetProcessIoCounters
ReplaceFileA
GlobalUnlock
SetProcessPriorityBoost
CreateFiberEx
GetDevicePowerState
LocalUnlock
GetTapeStatus
TransmitCommChar
GetProcessHandleCount
DecodePointer
GetFileTime
LockResource
CancelWaitableTimer
GetThreadIOPendingFlag
QueueUserAPC
WTSGetActiveConsoleSessionId
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
CloseHandle
GetSystemDirectoryA
lstrcatA
lstrlenA
GetTempFileNameA
RemoveDirectoryA
CreateProcessA
CreateThread
GlobalLock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
GetTempPathA
SetFileTime
ExitProcess
CopyFileA
GetFileSize
CreateFileA
GetTickCount
Sleep
SetFileAttributesA
CreateDirectoryA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
WideCharToMultiByte
HeapAlloc
GetVersionExA
GetStartupInfoA
RaiseException
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetCPInfo
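The import hash shown in the Files table is derived from exactly the list above, so it is worth being able to recompute it and to read the list for capabilities rather than scanning three hundred names by eye. The following is an added example, not code from the sandbox: imphash_string() reproduces the recipe used by pefile and VirusTotal (lower-case "module.function" pairs in import-table order, module extension stripped, comma-joined, MD5), and tag_imports() buckets names into capability groups of this example's own choosing. IMPORTS is a hand-picked subset of the report's imports, so its digest will not equal the value in the Files table; reproducing that value requires the full table in the original order. Ordinal imports do not occur on this page and are not handled.

```python
"""Imphash and capability tagging for a PE import table (added example)."""
import hashlib

# Constructed subset of the report's import table, in the report's module order.
IMPORTS = {
    "user32.dll": ["LockWorkStation", "OpenClipboard", "SetClipboardData",
                   "GetRawInputDeviceList"],
    "version.dll": ["GetFileVersionInfoA", "VerQueryValueA"],
    "kernel32.dll": ["VirtualProtect", "IsWow64Process", "IsProcessInJob",
                     "GetThreadContext", "CreateProcessA", "LoadLibraryA",
                     "GetProcAddress", "SetFileTime", "WritePrivateProfileStringA",
                     "GetTickCount", "CopyFileA"],
}

def imphash_string(imports):
    """The comma-joined string that gets hashed; import order matters."""
    parts = []
    for module, names in imports.items():
        mod = module.lower()
        for ext in (".dll", ".ocx", ".sys"):   # only these extensions are stripped
            if mod.endswith(ext):
                mod = mod[:-len(ext)]
                break
        parts.extend(f"{mod}.{name.lower()}" for name in names)
    return ",".join(parts)

def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()

# Capability buckets; the grouping is this example's choice, not the sandbox's rules.
CAPABILITIES = {
    "process_or_thread_creation": {"CreateProcessA", "CreateThread", "QueueUserAPC"},
    "dynamic_api_resolution": {"LoadLibraryA", "LoadLibraryExA", "GetProcAddress"},
    "memory_protection_change": {"VirtualAlloc", "VirtualProtect", "FlushInstructionCache"},
    "environment_fingerprinting": {"IsWow64Process", "IsProcessInJob", "GetSystemInfo",
                                   "GetVersionExA", "GetTickCount", "QueryPerformanceCounter"},
    "thread_context_or_debug": {"GetThreadContext", "ContinueDebugEvent",
                                "GetThreadSelectorEntry"},
    "clipboard_access": {"OpenClipboard", "SetClipboardData", "EmptyClipboard"},
    "session_or_power_control": {"LockWorkStation", "SetSystemPowerState"},
    "file_drop_and_timestomp": {"CopyFileA", "MoveFileA", "SetFileTime",
                                "GetTempPathA", "GetTempFileNameA"},
    "ini_file_persistence": {"WritePrivateProfileStringA", "GetPrivateProfileStringA"},
}

def tag_imports(imports):
    """Map each capability bucket to the imported names that fall in it."""
    hits = {}
    for names in imports.values():
        for name in names:
            for bucket, apis in CAPABILITIES.items():
                if name in apis:
                    hits.setdefault(bucket, []).append(name)
    return hits

if __name__ == "__main__":
    print("imphash:", imphash(IMPORTS))
    for bucket, names in tag_imports(IMPORTS).items():
        print(f"{bucket}: {', '.join(names)}")
```

Two caveats when pivoting on the hash: it is order-sensitive, so two builds with the same set of imports in a different order get different values, and any added entry changes it. A table like this one, padded with seldom-used kernel32 calls such as the tape and fiber APIs, is cheap for an author to vary between builds, so treat a matching imphash as strong evidence of shared tooling and a non-match as no evidence either way.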
Sections
.text Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
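The Headers and Sections blocks above are the raw flag bits the loader consults, and the hardening story is in what is absent as much as what is present: no IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_FILE_RELOCS_STRIPPED together mean the image always loads at its preferred base, no IMAGE_DLLCHARACTERISTICS_NX_COMPAT means DEP is not requested by the image, and .data having a virtual size twice its raw size means the loader zero-fills the remainder. The following is an added example, not the sandbox's code: parse_pe() reads the COFF header, DllCharacteristics and the section table with the standard library only, hardening_findings() turns the bits into the statements an analyst writes down, and build_sample_pe() fabricates a header-only PE32 whose flags and section sizes mirror this report (exact byte sizes are assumed, since the report rounds to KB).

```python
"""Decode PE header and section flags and derive hardening findings (added example)."""
import struct

FILE_FLAGS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_FLAGS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}

def _names(value, table):
    return [name for bit, name in table.items() if value & bit]

def parse_pe(data):
    """Return file flags, DllCharacteristics and the section table of a PE blob."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]           # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = pe_off + 4
    machine, nsec, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]      # same offset in PE32 and PE32+
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _ = struct.unpack_from("<8sIIII", data, off)
        scn_chars = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize,
                         "flags": _names(scn_chars, SECTION_FLAGS)})
    return {"pe32plus": magic == 0x20B, "machine": machine,
            "file_flags": _names(chars, FILE_FLAGS),
            "dll_flags": _names(dllchars, DLL_FLAGS), "sections": sections}

def hardening_findings(info):
    """Translate flag bits into the observations an analyst records."""
    out = []
    d, f = set(info["dll_flags"]), set(info["file_flags"])
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in d:
        out.append("no DYNAMIC_BASE: image not opted in to ASLR, loads at its preferred base")
    if "IMAGE_FILE_RELOCS_STRIPPED" in f:
        out.append("RELOCS_STRIPPED: no relocation data, the loader cannot rebase it")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in d:
        out.append("no NX_COMPAT: DEP not requested by the image (system policy may still apply it)")
    if "IMAGE_DLLCHARACTERISTICS_GUARD_CF" not in d:
        out.append("no GUARD_CF: Control Flow Guard not enabled")
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            out.append(f"{s['name']}: writable and executable section")
        if s["virtual_size"] > s["raw_size"]:
            out.append(f"{s['name']}: virtual size {s['virtual_size']} > raw size "
                       f"{s['raw_size']}, remainder is zero-filled at load")
    return out

def build_sample_pe():
    """Constructed header-only PE32 whose flags and sections mirror the report."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)            # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 4, 0, 0, 0, 224, 0x0001 | 0x0002 | 0x0100)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                             # Subsystem: Windows GUI
    struct.pack_into("<H", opt, 70, 0x8000)                        # TERMINAL_SERVER_AWARE only
    secs = b""
    for name, vsize, rawsize, flags in (
        (b".text", 81920, 81920, 0x20 | 0x20000000 | 0x40000000),
        (b".rdata", 43008, 43008, 0x40 | 0x40000000),
        (b".data", 24576, 12288, 0x40 | 0x40000000 | 0x80000000),
        (b".rsrc", 178176, 178176, 0x40 | 0x40000000),
    ):
        secs += struct.pack("<8sIIIIIIHHI", name.ljust(8, b"\0"),
                            vsize, 0, rawsize, 0, 0, 0, 0, 0, flags)
    return dos + b"PE\0\0" + coff + bytes(opt) + secs

if __name__ == "__main__":
    for line in hardening_findings(parse_pe(build_sample_pe())):
        print(line)
```

Running it on a real file means passing the file's bytes to parse_pe(); the function reads only the headers, so it is safe to run on an untrusted sample without loading any code. The absence of NX_COMPAT is a request flag only: on a 64-bit Windows 10 host, system DEP policy usually applies regardless, while on the Windows 7 32-bit host used for the behavioral task the default opt-in policy leaves such an image without DEP, which is one reason the two task results can differ.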