Static task: static1
Behavioral task: behavioral1
  Sample: 61ce6ec62ae5b2e21ef498d8db98e9df5d24eee15cf215f7fe702ff1653ad836.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 61ce6ec62ae5b2e21ef498d8db98e9df5d24eee15cf215f7fe702ff1653ad836.exe
  Resource: win10v2004-20220901-en
General
Target: 61ce6ec62ae5b2e21ef498d8db98e9df5d24eee15cf215f7fe702ff1653ad836
Size: 294KB
MD5: 1e11ba672d94a4510ce55c6378c8cdb6
SHA1: c33e6e05b0e7713d33bd9a17e8b41c10e019fce4
SHA256: 61ce6ec62ae5b2e21ef498d8db98e9df5d24eee15cf215f7fe702ff1653ad836
SHA512: 9d34f23959f27843d513044dc6d8d1f53ab04d1f8fe53ed7ce1ea27f703f688495449677eac093351a9c0c698cdf06c4cfcaa57deb838189df2ba45c6ecda077
SSDEEP: 6144:cXA71FMhGYcdu1DtD4xhKBO1iT4ICH3Ng61:22FMhGY62DtDzO1iTFW3e61
Malware Config
Signatures
Files
61ce6ec62ae5b2e21ef498d8db98e9df5d24eee15cf215f7fe702ff1653ad836.exe windows x86
f4fa4a264902fabc683b4e059f02a302
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DrawTextExW
SwapMouseButton
DispatchMessageW
ChangeClipboardChain
SetProcessWindowStation
SetMenuContextHelpId
RegisterWindowMessageA
GetOpenClipboardWindow
IsCharLowerW
FlashWindow
GetSystemMetrics
CascadeWindows
kernel32
UnlockFileEx
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
MapUserPhysicalPagesScatter
AssignProcessToJobObject
DisableThreadLibraryCalls
GetProcessHandleCount
EraseTape
CreateFileMappingW
FlushInstructionCache
GetThreadSelectorEntry
GetCommandLineW
GetExitCodeThread
FreeUserPhysicalPages
GlobalUnWire
SetPriorityClass
SetSystemTimeAdjustment
MulDiv
SetInformationJobObject
CreateIoCompletionPort
QueryMemoryResourceNotification
GetTapeStatus
ResetWriteWatch
GetCommModemStatus
WTSGetActiveConsoleSessionId
GetThreadTimes
SetMessageWaitingIndicator
RequestDeviceWakeup
TransmitCommChar
RtlCaptureStackBackTrace
SetTapeParameters
GetCurrentThreadId
SetCommMask
ReleaseMutex
GetThreadContext
ReplaceFileW
DeleteAtom
RequestWakeupLatency
GetVersion
ConvertThreadToFiber
CreateTapePartition
IsProcessInJob
SetMailslotInfo
RemoveVectoredExceptionHandler
GetWriteWatch
GetNamedPipeHandleStateA
SetProcessWorkingSetSize
ClearCommBreak
GetProcessHeap
GetFileType
GetMailslotInfo
DeactivateActCtx
FlushViewOfFile
GlobalDeleteAtom
SetProcessShutdownParameters
GetProcessPriorityBoost
FindNextChangeNotification
ReplaceFileA
IsSystemResumeAutomatic
UpdateResourceW
GetFileAttributesExW
CreateJobSet
CheckRemoteDebuggerPresent
GetStdHandle
EnumTimeFormatsW
GetProfileIntA
WaitNamedPipeA
EnumSystemLanguageGroupsW
GetCommandLineA
GetVersionExA
GetStartupInfoA
RaiseException
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExA
InitializeCriticalSection
HeapAlloc
Sleep
VirtualAlloc
HeapReAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
Sections
.text Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 123KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ