Static task
static1
Behavioral task
behavioral1
Sample
9d458440bd420b8ed6e66777abc5028ab67d4ac34d4ea97a6337fdf11ba10ff0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
9d458440bd420b8ed6e66777abc5028ab67d4ac34d4ea97a6337fdf11ba10ff0.exe
Resource
win10v2004-20221111-en
General
Target
9d458440bd420b8ed6e66777abc5028ab67d4ac34d4ea97a6337fdf11ba10ff0
Size
1.3MB
MD5
92795db4680e66ecdbb4f55b2dd2af27
SHA1
96076b0568592bd65040c065d1d0ff9d1030919f
SHA256
9d458440bd420b8ed6e66777abc5028ab67d4ac34d4ea97a6337fdf11ba10ff0
SHA512
ed5f1584e104af08aef4bb03abd7a9f60a980ac3f085a0d981ab6c54b1a68f444c0894d353898140ee3fa78687b4de421b8ecd0f02d620543cc0024428f292ef
SSDEEP
24576:yQwA8X80TzK1n8l7y1+OeCQ/1uLXuheg33y1rQLcMiZrgAQPLA9:tDozKCS+vCw1WXN43Hns
Malware Config
Signatures
Files
9d458440bd420b8ed6e66777abc5028ab67d4ac34d4ea97a6337fdf11ba10ff0.exe windows x86
c845e907de9618ad4d38d966960cca87
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
dhcpcsvc
DhcpEnumClasses
McastApiStartup
McastApiCleanup
McastGenUID
kernel32
HeapAlloc
CreateNamedPipeA
CreateDirectoryA
GetProcessId
SetFilePointer
GetModuleHandleA
CompareStringA
WaitForSingleObjectEx
LoadLibraryA
GetEnvironmentVariableA
GetDateFormatW
GetFullPathNameW
VirtualProtect
qutil
AllocFixupInfo
AllocConnections
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ