Static task
static1
Behavioral task
behavioral1
Sample
dda530220c7196a25fe5119dae77006879ce67974fe520512ecf103841ed0bed.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
dda530220c7196a25fe5119dae77006879ce67974fe520512ecf103841ed0bed.exe
Resource
win10v2004-20220901-en
General
Target: dda530220c7196a25fe5119dae77006879ce67974fe520512ecf103841ed0bed
Size: 41KB
MD5: af3e7de0eb6195a70bc4b6c28c7a10e5
SHA1: e50e1cc9e77d68690a5e22f4e013702810df333a
SHA256: dda530220c7196a25fe5119dae77006879ce67974fe520512ecf103841ed0bed
SHA512: 1a1f9ad2e907c5b253587fa8e51bd6512d4b6279f102490fff6d2f808532066f3eb68e86bd24bb5227031fe148e637fa7eae9e5939c266e2a18d37abc74c2a08
SSDEEP: 384:eOBTHsGL+t+XpAVTHxS4mjUt26czJ4lOm/dSE264dNmdjuHV4+dFqsIotbJE7EiB:eqQGK4XpqTR1mAUrYwO4ydj7HI+sq
Malware Config
Signatures
Files
dda530220c7196a25fe5119dae77006879ce67974fe520512ecf103841ed0bed.exe windows x86
89734d525ef28ce70556d1eb897a249b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateBrushIndirect
CreateColorSpaceA
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateDiscardableBitmap
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
odbc32
SQLColAttributeW
SQLColAttributes
SQLColAttributesA
SQLColAttributesW
SQLColumnPrivileges
SQLColumnPrivilegesA
SQLColumnPrivilegesW
SQLColumns
SQLColumnsA
SQLColumnsW
SQLConnect
SQLConnectA
SQLConnectW
SQLCopyDesc
SQLDataSources
SQLDataSourcesA
SQLDataSourcesW
onex
OneXAddEapAttributes
OneXAddTLV
msvcrt
fread
fopen
msdart
??1CCritSec@@QAE@XZ
kernel32
QueryDosDeviceA
GetVersionExW
ReadConsoleA
EnumCalendarInfoW
GetACP
LocalFlags
LockResource
LocalCompact
GetWindowsDirectoryA
msacm32
acmFilterEnumW
acmFormatTagDetailsW
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmDriverMessage
acmFilterDetailsW
perfctrs
CloseDhcpPerformanceData
mfcsubs
??0CString@@QAE@XZ
mscms
AssociateColorProfileWithDeviceA
AssociateColorProfileWithDeviceW
CheckBitmapBits
CheckColors
CloseColorProfile
ConvertColorNameToIndex
ConvertIndexToColorName
CreateColorTransformA
CreateColorTransformW
CreateDeviceLinkProfile
CreateMultiProfileTransform
CreateProfileFromLogColorSpaceA
CreateProfileFromLogColorSpaceW
DeleteColorTransform
aclui
CreateSecurityPage
EditSecurity
Sections
Size: 1KB - Virtual size: 10KB
IMAGE_SCN_MEM_WRITE
Size: 10KB - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 496B
IMAGE_SCN_MEM_READ