Static task
static1
Behavioral task
behavioral1
Sample
049c00fa4d1822dd1d09353c379c7f206e28bd5e35d899b25e0d5ab6ad7b6e6f.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
049c00fa4d1822dd1d09353c379c7f206e28bd5e35d899b25e0d5ab6ad7b6e6f.exe
Resource
win10v2004-20220901-en
General
Target
049c00fa4d1822dd1d09353c379c7f206e28bd5e35d899b25e0d5ab6ad7b6e6f
Size
56KB
MD5
86390ccfbf7823862e882dfe08de037a
SHA1
2c34ec7424cc3960072a8dbcd17bfa34f20688aa
SHA256
049c00fa4d1822dd1d09353c379c7f206e28bd5e35d899b25e0d5ab6ad7b6e6f
SHA512
77946e04f98e785e883dd85c6a683b8c60fbe5bfd90a6eb1afc190f2e06f0998bee276e56546f3615f20da065af8b625133d5b1436d2f029540aada30cbe1f10
SSDEEP
768:65g7+wetdMrhyBoPWA4lWMdwpQVIsVUYGHeVaByPANnM8yNm9DDig:6q732MJapd6uVVae5mMaDi
Malware Config
Signatures
Files
049c00fa4d1822dd1d09353c379c7f206e28bd5e35d899b25e0d5ab6ad7b6e6f.exe windows x86
2972f0ebd0f1524a05e61ca784f3e4e9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
xrcore
?Core@@3VxrCore@@A
?_initialize@xrCore@@QAEXPBDP6GX0@ZH@Z
?xr_FS@@3PAVCLocatorAPI@@A
?_initialize@CLocatorAPI@@QAEXIPBD@Z
?r_open@CLocatorAPI@@QAEPAVIReader@@PBD@Z
?_destroy@xrCore@@QAEXXZ
?r_u8@IReader@@QAEEXZ
?open_chunk@IReader@@QAEPAV1@I@Z
?r_fvector3@IReader@@QAEXAAU?$_vector3@M@@@Z
?r_u32@IReader@@QAEIXZ
?r_float@IReader@@QAEMXZ
?find_chunk@IReader@@QAEIIPAH@Z
?r@IReader@@QAEXPAXH@Z
?r_stringZ@IReader@@QAEXPADI@Z
?advance@IReader@@QAEXH@Z
d3dx9d_35
D3DXMatrixRotationYawPitchRoll
D3DXMatrixInverse
D3DXQuaternionRotationMatrix
kernel32
VirtualFree
GetSystemInfo
VirtualProtect
GetLocaleInfoA
ReadFile
SetEndOfFile
SetFilePointer
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsBadCodePtr
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
InterlockedExchange
GetCurrentDirectoryA
ExitProcess
HeapFree
HeapAlloc
GetModuleHandleA
GetCommandLineA
GetVersionExA
RaiseException
GetProcAddress
GetLastError
CloseHandle
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
CreateDirectoryA
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSize
SetUnhandledExceptionFilter
SetStdHandle
FlushFileBuffers
CreateFileA
LoadLibraryA
RtlUnwind
Sections
.text Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE