Static task: static1
Behavioral task: behavioral1
Sample: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4.exe
Resource: win10v2004-20220812-en
General
Target: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4
Size: 389KB
MD5: ba16d0eb9646876b1e0359ebf58e2fbf
SHA1: 8a597731b11d3d0a2d70837cfe826b7fe4bc3bf3
SHA256: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4
SHA512: 2e62ab4054b34da54d066407b1ee484df2dab2edddf5ef2912ef10719358cc0032df78946f3c2bddda97f88681ce88a313f11dd7a3156ce05bf3945f0b3756ac
SSDEEP: 12288:aRZ/erQejiMb+ecUPQ6NrmJxRHHE6mRsc9gC8NLhPtD6YUS:MZ2rInUo6N7OJUS
Malware Config
Signatures
Files
-
8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4.exe windows x86
701c1bd83545587e0bf0257676ab81ed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_SYSTEM
Imports
kernel32
CompareStringA
GetCurrentThreadId
GetCurrentProcessId
CreateFileW
SetStdHandle
CloseHandle
SetFilePointer
LCMapStringW
GetStringTypeW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
RtlUnwind
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
MultiByteToWideChar
IsProcessorFeaturePresent
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
WriteFile
CreateToolhelp32Snapshot
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsBadReadPtr
HeapValidate
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
EncodePointer
DecodePointer
EnumDateFormatsA
LoadLibraryA
GetProcAddress
GetLastError
SetConsoleTitleA
Thread32Next
Sleep
Thread32First
GetConsoleTitleA
FreeLibrary
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
RaiseException
user32
FindWindowA
UpdateWindow
LoadImageA
DestroyIcon
EnumDisplayDevicesA
MoveWindow
LoadCursorA
ToAsciiEx
ClientToScreen
GetWindowRect
InsertMenuItemA
RegisterClassExA
TrackPopupMenu
GetWindowDC
GetKeyState
GetFocus
AttachThreadInput
LoadIconA
DefFrameProcA
IsWindowEnabled
wsprintfA
FindWindowW
GetClientRect
SendMessageA
GetKeyboardState
OffsetRect
GetKeyboardLayout
MapVirtualKeyA
MessageBoxA
CreateWindowExA
ReleaseDC
GetDlgItem
DefWindowProcA
GetDesktopWindow
GetCursorPos
GetMenuStringA
ShowWindow
CreatePopupMenu
gdi32
DeleteDC
GetDeviceCaps
ExcludeClipRect
CreateDCA
CombineRgn
CreateRectRgn
SetPixelFormat
shell32
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileA
ole32
CoInitialize
CreatePointerMoniker
CoUninitialize
CoCreateInstance
CoFileTimeNow
oleaut32
SysAllocString
comctl32
ImageList_ReplaceIcon
uxtheme
DrawThemeBackground
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.utext Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ