Static task: static1
Behavioral task: behavioral1
Sample: 9edaa56a687ffa692ebe226670b840285e6f6ec18ff8926416368ac038510091.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 9edaa56a687ffa692ebe226670b840285e6f6ec18ff8926416368ac038510091.exe
Resource: win10v2004-20221111-en
General
Target: 9edaa56a687ffa692ebe226670b840285e6f6ec18ff8926416368ac038510091
Size: 63KB
MD5: 090aa4d794f96e0869801fb7035fa1b0
SHA1: 07cbbe766956e45aadf4adc57468b99f59058ea1
SHA256: 9edaa56a687ffa692ebe226670b840285e6f6ec18ff8926416368ac038510091
SHA512: 748ec1c68193f77862ac2e879200eb9d723b35949dd2caa3e6c52926b21b6f9bb670417898d1cc929f790aa517c98911b4bbd6009a41e7c379cd7d51571bf8a0
SSDEEP: 768:MoNvu7wTNh+E6QaYvlx3aVxDaYVU/WVYfzB/RBFke//3TL:XhnTNh+E6Q5x3aVxDm/66BnbL
Malware Config
Signatures
Files
9edaa56a687ffa692ebe226670b840285e6f6ec18ff8926416368ac038510091.exe windows x86
e848a9a2c47ea40e4f733785789b09f2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
ReadConsoleW
CreateMailslotA
CopyFileA
HeapCreate
GetVolumePathNameW
FindClose
VirtualFree
CreateFileMappingA
FindClose
SetVolumeLabelA
CreateEventA
GetModuleHandleA
GetFullPathNameW
GetCurrentDirectoryW
GetModuleHandleW
GetStringTypeA
CreatePipe
GetEnvironmentVariableW
GetFullPathNameW
CreateSemaphoreA
FindClose
CreateFileA
mshtml
DllGetClassObject
DllCanUnloadNow
PrintHTML
ShowModalDialog
Sections
.text Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.RES Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avdr Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ