Static task
static1
Behavioral task
behavioral1
Sample
6def125fcbb5d2a428207f284b65b7ab564dc03f74f7b2b13a5d6a133e38cf1f.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
6def125fcbb5d2a428207f284b65b7ab564dc03f74f7b2b13a5d6a133e38cf1f.exe
Resource
win10v2004-20220812-en
General
Target: 6def125fcbb5d2a428207f284b65b7ab564dc03f74f7b2b13a5d6a133e38cf1f
Size: 643KB
MD5: 75f4c42bf3c25259fd9e7b93f9ecb793
SHA1: 0344dcdc84e77f2c4a5827005632224405d27b96
SHA256: 6def125fcbb5d2a428207f284b65b7ab564dc03f74f7b2b13a5d6a133e38cf1f
SHA512: 6d28f5b5715e92862a2dd3425b6fc24bff90858057a0134fc24b07181c9326ea0d2225d82a78c68c0bd72173f380ef1f97f1433176c90e9620c9aa69dba26eda
SSDEEP: 12288:VPg1L6wlW2ckCweUcsWiC852YYXUwtyOJHviCcZmugc5YtACE0CYx:VPgVDlW2cE6e2YWUw3HvDcZm05YtAnax
Malware Config
Signatures
Files
-
6def125fcbb5d2a428207f284b65b7ab564dc03f74f7b2b13a5d6a133e38cf1f.exe windows x86
74f99b8b6379752eda6caaa3d3f8cda2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellExecuteA
FindExecutableA
user32
GetWindowWord
SetWindowWord
BeginPaint
GetSysColor
GetClientRect
SetRect
EndPaint
LoadCursorA
GetLastActivePopup
ShowWindow
PostMessageA
SendMessageA
EnableWindow
DestroyWindow
SetWindowTextA
SetForegroundWindow
SetActiveWindow
SendDlgItemMessageA
UpdateWindow
OemToCharBuffA
CharUpperBuffA
DefWindowProcA
KillTimer
DialogBoxIndirectParamA
GetDlgItemTextA
EndDialog
GetWindowRect
GetSystemMetrics
SetWindowPos
GetKeyState
PeekMessageA
TranslateMessage
DispatchMessageA
GetParent
SetDlgItemTextA
GetDlgItem
InvalidateRect
wsprintfA
MessageBoxA
SetCursor
CharNextA
RegisterClassA
SetTimer
kernel32
VirtualAlloc
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
GetModuleHandleA
SetErrorMode
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
_lwrite
lstrcmpiA
GetVolumeInformationA
_lcreat
CreateFileA
CloseHandle
ExitProcess
GetSystemTime
WriteFile
GetModuleFileNameA
GetVersion
GlobalMemoryStatus
lstrcatA
FindClose
FindFirstFileA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
LocalAlloc
_lopen
GetDriveTypeA
WinExec
lstrcpyA
lstrlenA
_lclose
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
LocalFree
GetEnvironmentVariableA
GetWindowsDirectoryA
_llseek
_lread
gdi32
SetBkColor
SetTextColor
SetTextAlign
GetBkColor
GetTextExtentPoint32A
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
SelectObject
DeleteObject
advapi32
RegQueryValueA
comctl32
ord17
Sections
.text Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ