Static task
static1
Behavioral task
behavioral1
Sample
8fc6cc616f35de7ed471371a7c12b12d074737cc623e3420f3632a220b52ba11.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
8fc6cc616f35de7ed471371a7c12b12d074737cc623e3420f3632a220b52ba11.exe
Resource
win10v2004-20221111-en
General
Target
8fc6cc616f35de7ed471371a7c12b12d074737cc623e3420f3632a220b52ba11
Size
5.9MB
MD5
8feb22620dce172809ae0d48eae7439b
SHA1
2ec1107c88b189ab78559f23a2c0c8d8350b462a
SHA256
8fc6cc616f35de7ed471371a7c12b12d074737cc623e3420f3632a220b52ba11
SHA512
a44856eb19ec90232c2444c2020be62c40d4dc4691ceaaf676314392f431f78755e6ab747e9929f7559b03dec37377cb4cea24b14993171e544bb168cd896d5b
SSDEEP
98304:z/i9V7q61e5tqduFuWCA4JVPRYzP+mhzEKuU4CGbqrVRUXzHVnh:zaT+64rJFuWOjgPTpJjmb2VRYh
Malware Config
Signatures
Files
8fc6cc616f35de7ed471371a7c12b12d074737cc623e3420f3632a220b52ba11.exe windows x86
960d0af31de3ee02af73626176ba556a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
CloseHandle
GetCurrentProcess
GetLastError
GetProcAddress
InterlockedCompareExchange
DisableThreadLibraryCalls
GetModuleHandleA
GetVersionExA
CreateMutexA
ReadFile
Sleep
LocalFileTimeToFileTime
DeleteCriticalSection
VirtualProtect
ExitProcess
FileTimeToSystemTime
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
ExitThread
GetCurrentThread
GetTickCount
SystemTimeToFileTime
SetLastError
VirtualFree
GetModuleHandleExW
VirtualAlloc
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
InterlockedDecrement
MultiByteToWideChar
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
RaiseException
IsDebuggerPresent
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetCurrentThreadId
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
advapi32
RegCreateKeyA
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyW
RegQueryValueExA
RegQueryValueW
RegOpenKeyW
RegEnumValueA
RegEnumKeyA
user32
GetWindowTextA
GetParent
SetForegroundWindow
GetWindowTextW
GetDlgItem
AppendMenuW
MessageBoxW
RedrawWindow
RegisterWindowMessageA
SendMessageW
PostQuitMessage
RegisterClassExA
RegisterWindowMessageW
MsgWaitForMultipleObjects
AppendMenuA
UpdateWindow
FindWindowA
LoadIconW
DefWindowProcW
LoadIconA
TrackPopupMenu
SetFocus
CreatePopupMenu
PostMessageA
SendMessageA
RegisterClassExW
GetMessageA
Sections
.text Size: 465KB - Virtual size: 465KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 429KB - Virtual size: 428KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.0MB - Virtual size: 5.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ