Static task
static1
Behavioral task
behavioral1
Sample
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446.exe
Resource
win10v2004-20220812-en
General
-
Target
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
Size
267KB
-
MD5
9d9aac18c62290539c705bc16a7461ec
-
SHA1
f92486488122b019162c7d4e6c867304997f464c
-
SHA256
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446
-
SHA512
66216aec72d73f47f29e069884c2cbde67c086f567cbd9d636d26f8a733fe41c7b8fe9624767c8553def76a817e2411b1f9244166481a3442b65aa78a0de8a29
-
SSDEEP
6144:2LIIUuWWBC6c5V4GS1Xl6aXqb1E/21w0kIerV:GIIUbWm471Xs5EWw0Veh
Malware Config
Signatures
Files
-
0ff9140d942e3a19c7dcb70958d8a72b98a1549578e9fb91ae159398ff750446.exe windows x86
433d85a01df0756720f264207145076a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CharToOemBuffA
CharToOemA
GetKeyboardType
LoadStringA
MessageBoxA
GetWindowThreadProcessId
CharUpperA
WindowFromPoint
WinHelpW
WinHelpA
WaitMessage
UpdateWindow
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TranslateAcceleratorA
TrackPopupMenu
SystemParametersInfoA
AnimateWindow
ShowWindow
ShowScrollBar
ShowCaret
SetWindowsHookExA
SetWindowTextW
SetWindowTextA
SetWindowPos
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollInfo
SetParent
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetDlgItemTextW
SetDlgItemTextA
SetCursorPos
SetCursor
SetClipboardData
SetClassLongA
SetCaretPos
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
SendDlgItemMessageA
ScrollWindow
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassExW
RegisterClassW
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
OpenClipboard
OffsetRect
OemToCharBuffA
OemToCharA
MoveWindow
ModifyMenuW
ModifyMenuA
MessageBoxW
MessageBeep
MapWindowPoints
LoadMenuA
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
LoadAcceleratorsA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDlgButtonChecked
IsDialogMessageA
IsClipboardFormatAvailable
InvalidateRect
IntersectRect
InsertMenuA
InflateRect
HideCaret
CharNextA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowLongW
GetWindowLongA
GetWindowDC
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetParent
GetWindow
GetNextDlgTabItem
GetMessageA
GetMenuStringW
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetKeyboardState
GetKeyState
GetFocus
GetDlgItemTextW
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClipboardFormatNameA
GetClipboardData
GetClientRect
GetClassNameW
GetClassNameA
GetClassLongA
GetClassInfoW
GetAsyncKeyState
GetActiveWindow
FindWindowA
FillRect
ExitWindowsEx
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextA
DrawStateA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DispatchMessageA
DialogBoxParamW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCaret
DeleteMenu
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateMDIWindowW
CreateCaret
CountClipboardFormats
CloseClipboard
CheckRadioButton
CheckMenuItem
CheckDlgButton
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
AppendMenuW
AppendMenuA
CharLowerBuffA
CharLowerA
CharUpperBuffA
comdlg32
CommDlgExtendedError
ChooseColorA
ChooseFontA
GetSaveFileNameW
GetOpenFileNameW
shell32
ShellExecuteA
DragFinish
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconA
ExtractIconA
ExtractIconW
SHGetFolderPathW
ShellExecuteW
DragAcceptFiles
SHGetFileInfoW
SHGetFileInfoA
advapi32
AdjustTokenPrivileges
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegQueryValueExW
RegQueryValueW
RegQueryValueA
RegOpenKeyA
RegDeleteValueW
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
LookupPrivilegeValueA
gdi32
GetObjectA
GetDeviceCaps
GetDIBits
GetCharABCWidthsFloatW
GetBkColor
ExtTextOutW
ExtTextOutA
ExtCreatePen
GetPixel
EndDoc
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateFontIndirectA
CreateFontA
CreateDIBitmap
CreateDIBSection
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
AddFontResourceA
AbortDoc
SaveDC
GetStockObject
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsA
LineTo
MoveToEx
PtInRegion
Rectangle
RemoveFontResourceA
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetPixel
SetPixelV
SetStretchBltMode
SetTextAlign
SetTextColor
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
EndPage
GetTextColor
comctl32
ImageList_Destroy
CreateToolbarEx
ImageList_GetIconSize
ImageList_Draw
ImageList_SetBkColor
ord17
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
version
VerQueryValueA
GetFileVersionInfoA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
kernel32
OpenProcess
OpenFileMappingA
MulDiv
MoveFileExW
MoveFileW
MoveFileA
MapViewOfFile
LockResource
LocalUnlock
LocalLock
LocalFileTimeToFileTime
LoadResource
LoadLibraryW
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
HeapFree
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalMemoryStatus
GlobalHandle
GlobalLock
GlobalFree
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationA
GetVersionExA
GetTimeZoneInformation
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeExA
GetShortPathNameA
GetProfileStringA
GetProcessHeap
GetModuleFileNameW
GetFileTime
GetFileAttributesW
GetFileAttributesA
GetDriveTypeA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetCommandLineW
GetCPInfo
GetACP
QueryDosDeviceA
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemCodePagesA
EnumCalendarInfoA
DosDateTimeToFileTime
DeviceIoControl
DeleteFileW
CreateThread
CreateProcessW
CreateProcessA
CreateFileW
CreateEventA
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
QueryPerformanceCounter
QueryPerformanceFrequency
ReadProcessMemory
RemoveDirectoryW
ResetEvent
ResumeThread
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
SetCurrentDirectoryW
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFileTime
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnmapViewOfFile
VirtualAllocEx
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQueryEx
WaitForSingleObject
WinExec
WriteProcessMemory
_hread
_hwrite
_lcreat
_lopen
_lread
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynW
lstrlenW
SetFilePointerEx
GetFileSizeEx
FindFirstVolumeA
FindNextVolumeA
GetCPInfoExA
GetLongPathNameW
GetLongPathNameA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
TlsAlloc
TlsFree
IsDebuggerPresent
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapReAlloc
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
FormatMessageW
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
CloseHandle
CreateFileA
DeleteFileA
GetFileType
GetSystemTime
GetFileSize
Sections
.text Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 37.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ