Static task
static1
Behavioral task
behavioral1
Sample
44401705fde9686366bc56de3011d5b51d5199634f754b4cfed7ceeba94f8641.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
44401705fde9686366bc56de3011d5b51d5199634f754b4cfed7ceeba94f8641.exe
Resource
win10v2004-20221111-en
General
Target
44401705fde9686366bc56de3011d5b51d5199634f754b4cfed7ceeba94f8641
Size
216KB
Files
44401705fde9686366bc56de3011d5b51d5199634f754b4cfed7ceeba94f8641.exe windows x86
fdeb02a28baa12a962ffabcbf612bb9b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
InterlockedExchange
GetLastError
WideCharToMultiByte
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetVersion
lstrlenA
FindResourceA
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
CloseHandle
SetEvent
OpenEventA
OutputDebugStringA
OutputDebugStringW
RaiseException
GetCurrentProcessId
GetModuleFileNameW
InterlockedIncrement
VirtualAlloc
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
OpenFileMappingA
InterlockedDecrement
HeapValidate
IsBadReadPtr
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
GetOEMCP
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
DebugBreak
GetStdHandle
WriteFile
WriteConsoleW
GetFileType
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
RtlUnwind
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
user32
LoadStringA
advapi32
RevertToSelf
OpenThreadToken
SetThreadToken
Sections
.text Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ