Static task: static1
Behavioral task: behavioral1
Sample: f5942b06a8eef8f214eb95021dd835b44d20d562f703a63fa2832d82935caeae.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: f5942b06a8eef8f214eb95021dd835b44d20d562f703a63fa2832d82935caeae.exe
Resource: win10v2004-20221111-en
General
Target: f5942b06a8eef8f214eb95021dd835b44d20d562f703a63fa2832d82935caeae
Size: 975KB
MD5: 74b8114a2e2a16dc20a7063749428c92
SHA1: e4eb653f68521c20dc72ea85e3fa7c8f083653b3
SHA256: f5942b06a8eef8f214eb95021dd835b44d20d562f703a63fa2832d82935caeae
SHA512: 11c217075bdfe13b0c63cf727e4889716aacca42efcbe2861c6f52e8e39c25172730085d5210edc2ba54eebb3663a995a2c3f9f7b47db017fb291b31ec0ca231
SSDEEP: 12288:N0UaD0ePLRx/u3PALNbaBbJvSW8WZTgkWEzsx+7IlqXRxQFNt6gsh37SBafFMZLK:u0ejzufAta7/ZTgxEO+7IlqHF3kp07
Malware Config
Signatures
Files
f5942b06a8eef8f214eb95021dd835b44d20d562f703a63fa2832d82935caeae.exe windows x86
a98e6984f572417197d66b2e191b45bc
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AreFileApisANSI
SwitchToThread
SetLocaleInfoW
FoldStringA
DeleteVolumeMountPointA
DeleteAtom
EnumCalendarInfoExA
GetTimeFormatA
CancelWaitableTimer
GetDiskFreeSpaceW
CreateIoCompletionPort
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetVolumeNameForVolumeMountPointA
GetNamedPipeInfo
DeleteTimerQueueEx
GetLongPathNameW
lstrcmpiA
CopyFileW
SetFileAttributesA
GetPrivateProfileIntW
GetSystemDirectoryA
GetSystemDefaultLCID
FindFirstVolumeA
SetFileAttributesW
OpenFileMappingW
GetExitCodeProcess
MoveFileWithProgressW
GetVolumePathNameA
SetInformationJobObject
GetCompressedFileSizeA
GetFileInformationByHandle
DosDateTimeToFileTime
GetPrivateProfileSectionW
CreateMailslotA
IsDBCSLeadByteEx
ConvertThreadToFiber
GetSystemDefaultLangID
GetFileAttributesExA
lstrcpynW
SetThreadLocale
VerSetConditionMask
GetTimeFormatW
OpenWaitableTimerW
GetCalendarInfoW
CompareStringW
Module32NextW
GetProcessAffinityMask
ChangeTimerQueueTimer
GetCommandLineW
OpenMutexW
GetConsoleWindow
OpenEventA
CreateTapePartition
GetAtomNameW
FlushViewOfFile
GetThreadTimes
FreeUserPhysicalPages
GetPrivateProfileSectionNamesA
GetVersion
SystemTimeToFileTime
FindFirstVolumeW
GetFileType
DisconnectNamedPipe
GetFileAttributesW
MoveFileW
LoadLibraryExA
CompareStringA
Module32FirstW
CreateDirectoryExA
FindResourceA
SetComputerNameExW
SearchPathW
lstrcpynA
GetOEMCP
MapViewOfFile
GetUserDefaultLCID
GetNumberFormatA
GetStringTypeW
OpenFileMappingA
WideCharToMultiByte
MoveFileExW
GetConsoleOutputCP
LCMapStringA
IsSystemResumeAutomatic
GetDevicePowerState
lstrcpyA
GetPrivateProfileStructA
GetAtomNameA
GetProcessTimes
SetHandleCount
GetFileSizeEx
GetVolumeInformationA
GetConsoleAliasesW
GetProcessIoCounters
SetLocaleInfoA
CancelIo
GetVolumeInformationW
WriteConsoleA
OpenMutexA
FlushInstructionCache
MoveFileWithProgressA
SetConsoleOutputCP
GetStartupInfoW
GetLocaleInfoW
VirtualProtect
GetProfileSectionW
GetProcAddress
GetThreadContext
OpenWaitableTimerA
ReleaseSemaphore
GetPrivateProfileStringW
CreateFileW
SetThreadPriority
EnumCalendarInfoExW
OpenSemaphoreA
GetWindowsDirectoryA
FreeEnvironmentStringsW
GetNumberOfConsoleInputEvents
GetMailslotInfo
ResetWriteWatch
CreateEventA
GetStartupInfoA
GetPrivateProfileSectionA
GetProfileSectionA
GetUserDefaultLangID
GetNamedPipeHandleStateA
SetCurrentDirectoryA
CopyFileExW
SetConsoleDisplayMode
GetSystemWindowsDirectoryW
DnsHostnameToComputerNameA
SetConsoleCtrlHandler
GetFileSize
SetConsoleMode
GetModuleHandleW
SetProcessAffinityMask
SetPriorityClass
WaitForSingleObjectEx
CreateDirectoryA
GetStdHandle
MapViewOfFileEx
GetSystemDirectoryW
EnumCalendarInfoA
GetCurrentThread
SetThreadAffinityMask
InitializeCriticalSectionAndSpinCount
PeekNamedPipe
SetProcessWorkingSetSize
OpenSemaphoreW
GetNumberFormatW
CreateWaitableTimerW
QueryInformationJobObject
GetModuleHandleA
SetWaitableTimer
GetEnvironmentVariableW
SetThreadIdealProcessor
GetDriveTypeW
FindResourceExW
LoadResource
OpenJobObjectA
SetComputerNameExA
GetShortPathNameW
DuplicateHandle
FoldStringW
GetLocaleInfoA
DeleteTimerQueueTimer
SetThreadExecutionState
CreateSemaphoreW
GetThreadPriority
SetVolumeMountPointA
GetConsoleMode
GetLogicalDrives
GetDriveTypeA
ReleaseMutex
CreateTimerQueue
Module32Next
GetProfileIntW
GetBinaryTypeA
SetEnvironmentVariableA
GetModuleFileNameA
GetLogicalDriveStringsW
LCMapStringW
SearchPathA
DeviceIoControl
GetCurrentDirectoryA
MultiByteToWideChar
HeapReAlloc
GetCPInfoExA
SetConsoleTextAttribute
SetProcessPriorityBoost
VirtualAlloc
GetTapeStatus
SetEvent
SetNamedPipeHandleState
GetCPInfo
GetFileAttributesA
GetPrivateProfileStructW
Module32First
CopyFileExA
FreeEnvironmentStringsA
FlushFileBuffers
GetCalendarInfoA
CreateWaitableTimerA
FindFirstFileA
GetACP
DeleteTimerQueue
BindIoCompletionCallback
DnsHostnameToComputerNameW
GetSystemDefaultUILanguage
GetDiskFreeSpaceA
ProcessIdToSessionId
DefineDosDeviceW
HeapAlloc
HeapSize
RtlUnwind
IsValidCodePage
Sleep
HeapFree
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetCommandLineA
HeapSetInformation
SetUnhandledExceptionFilter
ExitProcess
DecodePointer
WriteFile
GetModuleFileNameW
GetEnvironmentStringsW
DeleteCriticalSection
IsProcessorFeaturePresent
user32
RedrawWindow
advapi32
RegQueryValueW
LsaClose
ChangeServiceConfigW
StartServiceW
CreateWellKnownSid
SetServiceStatus
AddAce
GetSidLengthRequired
RegCreateKeyW
RegDeleteValueW
RegEnumKeyExA
ReportEventW
OpenProcessToken
RegEnumKeyA
QueryServiceStatus
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryValueExW
GetSecurityDescriptorLength
MakeSelfRelativeSD
CryptGetHashParam
LookupAccountSidW
RegOpenKeyExW
OpenSCManagerW
shell32
SHGetMalloc
ShellExecuteW
ShellExecuteExW
SHFileOperationW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHChangeNotify
SHGetDesktopFolder
SHBindToParent
SHGetFileInfoW
oleaut32
VariantClear
VariantInit
SafeArrayPtrOfIndex
VariantChangeType
VariantChangeTypeEx
SysFreeString
VariantCopy
SafeArrayGetUBound
GetActiveObject
SysStringLen
SafeArrayGetLBound
SysAllocStringByteLen
VariantCopyInd
GetErrorInfo
SysReAllocStringLen
SafeArrayCreate
SysAllocStringLen
Sections
.text Size: 369KB - Virtual size: 368KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 584KB - Virtual size: 941KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ