Static task: static1
Behavioral task: behavioral1
Sample: 49b9bd903e0720a5801dca851a64cc10c06a506d92f11fc2856512151ced6799.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 49b9bd903e0720a5801dca851a64cc10c06a506d92f11fc2856512151ced6799.exe
Resource: win10v2004-20220812-en
General
Target: 49b9bd903e0720a5801dca851a64cc10c06a506d92f11fc2856512151ced6799
Size: 416KB
MD5: d6f87f2c00e581e1c7f908fbb55bf1f6
SHA1: cc0552ebc78d7834775bbaaa8910d07152f2b4c0
SHA256: 49b9bd903e0720a5801dca851a64cc10c06a506d92f11fc2856512151ced6799
SHA512: 08b0d9b2d16436a3319b7bbbbc72a9d46c82ec5ac2c468e115a3e894bff7cb07f1363660343059bbaa85856131a391d82339a5d5a6c1a35636af5bb11c21138f
SSDEEP: 6144:wiDL4qsxpzzI3vRaONd1ef5IStDxJFj7Kzy9DBzgJG6Lz3:wQUZbzyRaONnefrDxXj7my9DBzMG6Lz3
Malware Config
Signatures
Files
49b9bd903e0720a5801dca851a64cc10c06a506d92f11fc2856512151ced6799.exe windows x86
ce5327fac27bdbbc297fcb641a60e24e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
WriteConsoleW
GetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
SetFilePointer
CreateFileA
GetSystemTime
GetWindowsDirectoryW
IsDebuggerPresent
GetModuleHandleA
VirtualAlloc
GetLocaleInfoA
GetCurrentDirectoryW
OpenMutexW
GetTempPathW
FlushInstructionCache
GetModuleFileNameW
GetWindowsDirectoryA
GetProcessHeap
VirtualFree
GetTickCount
GetCommandLineW
GetModuleHandleW
OutputDebugStringW
GetComputerNameW
GetCPInfo
GetComputerNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
CloseHandle
EnterCriticalSection
LeaveCriticalSection
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
user32
UnloadKeyboardLayout
GetWindowTextLengthW
InvertRect
OpenIcon
IsIconic
GetTopWindow
SetCapture
IsZoomed
GetClipCursor
EnumClipboardFormats
GetCapture
GetKeyboardState
GetForegroundWindow
GetWindowTextA
GetWindowLongW
GetWindowTextW
InSendMessageEx
GetDesktopWindow
GetCursorPos
DefMDIChildProcW
LoadBitmapW
FindWindowExW
PostMessageA
FlashWindow
GetCursor
DdePostAdvise
GetSystemMetrics
SetWindowTextA
SetDlgItemTextW
DialogBoxIndirectParamA
LoadCursorA
GetProcessDefaultLayout
GetMessageTime
GetMessagePos
RegisterDeviceNotificationA
DefFrameProcW
MoveWindow
gdi32
GetCharABCWidthsFloatW
SetICMProfileA
GetCharWidthFloatA
SetPixel
GetTextCharsetInfo
FlattenPath
EndPath
CopyEnhMetaFileW
ResizePalette
CloseEnhMetaFile
GetTextCharset
LPtoDP
comdlg32
CommDlgExtendedError
GetOpenFileNameA
ChooseColorW
GetFileTitleA
GetFileTitleW
FindTextW
ChooseFontA
GetOpenFileNameW
FindTextA
ChooseFontW
ChooseColorA
advapi32
GetUserNameA
RegOpenKeyExW
Sections
.text Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 314KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ