Static task: static1
Behavioral task: behavioral1
Sample: 1e7960a65a709610f36d00791c88717a984229e457146c4f5925cfb50df39b28.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 1e7960a65a709610f36d00791c88717a984229e457146c4f5925cfb50df39b28.exe
Resource: win10v2004-20220812-en
General
Target: 1e7960a65a709610f36d00791c88717a984229e457146c4f5925cfb50df39b28
Size: 143KB
MD5: 98513e29a9be23e63a13d0d950820666
SHA1: bc08499739216a236d478ae98c8fc0b25d828df0
SHA256: 1e7960a65a709610f36d00791c88717a984229e457146c4f5925cfb50df39b28
SHA512: ae3c8e4d1c8af8d3819811373e8618e3ad904148c8728e1eeec4dba3970742932c40bc8cf41a9e6a2964d081ccb056e93a4643488b6dd4ebd6423fb3227eeb68
SSDEEP: 3072:iN6ZekwVJIlgps5q9Eb648qwlS/+TfQO45Db/:pe9IB83ID5X/
Files
1e7960a65a709610f36d00791c88717a984229e457146c4f5925cfb50df39b28.exe windows x86
dbe129d5088d493503666c0323721783
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winhttp
WinHttpSendRequest
WinHttpCrackUrl
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSetOption
shlwapi
StrCpyW
StrStrIW
StrToIntExA
StrCatW
PathAddBackslashW
StrToIntW
comctl32
InitCommonControlsEx
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
kernel32
GetACP
GetCPInfo
LoadLibraryA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetLocaleInfoA
IsValidCodePage
HeapFree
GetProcessHeap
IsWow64Process
GetCurrentProcess
GetVersionExW
CloseHandle
GetFileSize
CreateFileW
GetTickCount
GetLastError
ReadFile
WaitForSingleObject
CreateProcessW
lstrcatW
FreeLibrary
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
lstrcmpiW
GetCommandLineW
lstrlenW
GlobalFree
lstrcpyW
MultiByteToWideChar
WideCharToMultiByte
GetExitCodeThread
CreateThread
Sleep
HeapAlloc
CreateEventExW
GetTempPathW
lstrcmpiA
lstrcatA
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
GetModuleHandleW
WaitForMultipleObjects
ResumeThread
GetEnvironmentStringsW
TerminateProcess
OpenProcess
WriteFile
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
CreateDirectoryW
SetLastError
LocalFree
GetFileType
GetOEMCP
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
GetProcAddress
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
GetStringTypeA
GetStringTypeW
LCMapStringW
LCMapStringA
GetTempFileNameW
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
user32
LoadIconW
SetWindowTextW
DestroyMenu
SetDlgItemTextW
ShowWindow
SetTimer
GetDlgItem
SendMessageW
GetWindowLongW
SetWindowLongW
wsprintfW
TrackPopupMenuEx
GetCursorPos
AppendMenuW
CreatePopupMenu
DialogBoxParamW
GetDlgItemTextW
gdi32
GetStockObject
CreateFontIndirectW
GetObjectW
advapi32
GetSecurityDescriptorSacl
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorA
ConvertStringSecurityDescriptorToSecurityDescriptorW
shell32
ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ