Static task: static1
Behavioral task: behavioral1
  Sample: 979c426cde6a1e8de6497a5a0644f2ebfb8bc82b171d7856842879b38a0f0141.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 979c426cde6a1e8de6497a5a0644f2ebfb8bc82b171d7856842879b38a0f0141.exe
  Resource: win10v2004-20221111-en
General
Target: 979c426cde6a1e8de6497a5a0644f2ebfb8bc82b171d7856842879b38a0f0141
Size: 272KB
MD5: 37b0bcf7503fd2a9b0a0a1649010e534
SHA1: b47100a8c307d76e2f1b7a2f46a964278d937b9f
SHA256: 979c426cde6a1e8de6497a5a0644f2ebfb8bc82b171d7856842879b38a0f0141
SHA512: e33ac77190cffa105c5de7002d763e9edcda3b2c8d3d55a93c4e4677a607768cbd0c53b24cc1280cd3cca06ea2cd87a2085061f6f966ef644d0934ae1088848f
SSDEEP: 6144:TCB552rwTpq1qTjqpzpXDNrgla9QFpKmkavEZsLVwkBq/oUHPgw:+B5uwpjq9nkYuFJkav9N+oUI
Malware Config
Signatures
Files
979c426cde6a1e8de6497a5a0644f2ebfb8bc82b171d7856842879b38a0f0141.exe windows x86
6b70f768a00524e5aa0884bcf95f9eb1
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
shell32: SHGetFileInfoA
oleaut32: SysFreeString, SysAllocStringLen
ole32: CoCreateInstance, CoInitialize, CoUninitialize
version: GetFileVersionInfoA, VerQueryValueA, GetFileVersionInfoSizeA
advapi32: RegOpenKeyExA, AllocateAndInitializeSid, GetTokenInformation, RegQueryValueExA, RegCloseKey, OpenProcessToken, FreeSid, EqualSid
wsock32: ioctlsocket, inet_addr
kernel32: SetLastError, GetSystemDirectoryA, GetWindowsDirectoryA, DeleteCriticalSection, lstrcmpiA, GetProcessHeap, HeapFree, LocalFree, HeapAlloc, GetCommandLineW, LoadLibraryExA, FileTimeToSystemTime, GetTimeZoneInformation, GetModuleHandleA, FormatMessageA, OutputDebugStringA, SystemTimeToTzSpecificLocalTime, FreeLibrary, GetCurrentThreadId, WideCharToMultiByte, CloseHandle, GetACP, VirtualAlloc
user32: DestroyIcon, DrawIconEx, SetFocus, EnumThreadWindows, LockWindowUpdate, GetSystemMetrics, PostMessageA, LoadIconA
comdlg32: GetOpenFileNameW
esent: JetCreateTable, JetEnableMultiInstance, JetBackupInstance, JetDefragment, JetSeek, JetCloseTable, JetDupSession, JetDeleteColumn2, JetEscrowUpdate, JetRetrieveTaggedColumnList, JetCreateDatabase, JetCloseFile, JetMakeKey, JetGetColumnInfo, JetInit
getuname: GetUName
Sections
.text Size: 17KB - Virtual size: 16KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: 248KB - Virtual size: 848KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 12KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ