Static task
static1
Behavioral task
behavioral1
Sample
22831b71824150f30eb3722330d86f422a5e7b557dc98ede9c035387d9f03051.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
22831b71824150f30eb3722330d86f422a5e7b557dc98ede9c035387d9f03051.exe
Resource
win10v2004-20221111-en
General
-
Target
22831b71824150f30eb3722330d86f422a5e7b557dc98ede9c035387d9f03051
-
Size
620KB
-
MD5
25a9a92af6c5c014da078b0184df48a0
-
SHA1
7b2449fdbd46c18d9cf0cf9d1ee9f6a15cd533ea
-
SHA256
22831b71824150f30eb3722330d86f422a5e7b557dc98ede9c035387d9f03051
-
SHA512
059a2e5dfc05487ea5a27c8cdf3e67498e738140638f7034b4306b00b3ac8b880a580711ab302e683959aa9651cd0cc2c4b3dec45f73e0657204a6380dd874af
-
SSDEEP
12288:cj1smqrq0hTW3fAAyu14f91VwYO+jl12Jj9sW461AZUcT:8Crq0hTW3fAAyu14fhwr+jJW46/4
Malware Config
Signatures
Files
-
22831b71824150f30eb3722330d86f422a5e7b557dc98ede9c035387d9f03051.exe windows x64
32bdb77c6cf258944cb642fa43112b6e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
advapi32
RegOpenKeyExW
RegCloseKey
RegEnumValueW
kernel32
GetCommandLineW
GetModuleHandleW
lstrlenW
GetStartupInfoW
HeapSetInformation
ExpandEnvironmentStringsW
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
user32
AllowSetForegroundWindow
msvcrt
memcpy
_fmode
__setusermatherr
_amsg_exit
?terminate@@YAXXZ
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_vsnwprintf
_initterm
__set_app_type
_commode
memset
ntdll
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
ole32
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
shell32
ShellExecuteExW
shlwapi
ord158
ord437
StrTrimW
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 408B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
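.vmp0 Size: 508KB - Virtual size: 1.8MB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .vmp0 is the only section marked both writable and executable, and its virtual size (1.8MB) is far larger than its size on disk (508KB), while .text is only 11KB. The name .vmp0 is the default section name written by the VMProtect packer, though section names can be set arbitrarily, so this is an indicator and not proof. If the sample is packed, the import table above may not reflect what it calls at runtime; treat the static results as incomplete and weigh them against the behavioral tasks.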