Static task: static1
Behavioral task: behavioral1
Sample: ffecdbbd802fc2e5ac8c75103080bc4a64d6b5920e3bad63614d4fd8a0b17254.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ffecdbbd802fc2e5ac8c75103080bc4a64d6b5920e3bad63614d4fd8a0b17254.exe
Resource: win10v2004-20220812-en
General
Target: ffecdbbd802fc2e5ac8c75103080bc4a64d6b5920e3bad63614d4fd8a0b17254
Size: 80KB
MD5: 3b221bdc0017d7bf6d9cec74c75e9408
SHA1: 926c3834509996c6f93233af13152239e14f631e
SHA256: ffecdbbd802fc2e5ac8c75103080bc4a64d6b5920e3bad63614d4fd8a0b17254
SHA512: 2b7cbcdee2b35789cff3a332417c38421a866db7ce1ecfb39003975714b80e52f3ebe2a5e484b9e24fd8c902dbe8e7805dae909e30ad5c7850431287dc2cf398
SSDEEP: 1536:GnCetAOtEGKM2wDmU30DIxNOgbcbA0MM0mK9pZ6ZO8E9f/BLFgv:fqW1SpN3aA0MZT8E9f/BLS
Malware Config
Signatures
Files
ffecdbbd802fc2e5ac8c75103080bc4a64d6b5920e3bad63614d4fd8a0b17254.exe windows x86
00ab342ae94318820ad8f06b68928fa6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ShellAboutA
ShellExecuteA
ShellExecuteExA
DragFinish
DragQueryFileA
DragAcceptFiles
ord62
ExtractAssociatedIconA
olesvr32
ord2
ord10
ord5
ord4
ord7
ord6
ord3
ord8
olecli32
ord14
ord38
ord40
ord13
ord6
ord18
ord22
ord29
ord32
ord25
ord3
ord4
ord12
ord35
ord37
ord24
ord11
ord19
ord46
ord27
ord23
ord21
ord2
ord39
ord28
ord36
ord15
ord44
ord9
ord42
ord45
ord43
ord20
ord10
ord41
kernel32
_lread
AddAtomA
GlobalFree
VirtualFree
GetFileType
VirtualAlloc
GetCPInfo
GetOEMCP
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
GetACP
ExitProcess
GetVersion
RtlUnwind
GetEnvironmentStrings
GetStartupInfoA
GetCommandLineA
GlobalDeleteAtom
GlobalAddAtomA
GetModuleHandleA
LocalLock
LocalUnlock
LocalAlloc
MulDiv
FindFirstFileA
LocalFree
RtlMoveMemory
GlobalUnlock
lstrcmpiA
GlobalLock
_lclose
_llseek
_lcreat
OpenFile
lstrlenA
lstrcpyA
GetProcAddress
DeleteFileA
GetLastError
CloseHandle
CreateThread
GlobalReAlloc
FindClose
_lwrite
GetTempFileNameA
GetTempPathA
GetAtomNameA
WaitForSingleObject
DeleteAtom
GlobalAlloc
_lopen
Sleep
GlobalHandle
lstrcatA
lstrcmpA
user32
PostQuitMessage
SetWindowTextA
IsWindow
wsprintfA
ShowWindow
GetSubMenu
EnableMenuItem
InsertMenuA
DestroyMenu
CreatePopupMenu
DeleteMenu
GetClientRect
EndDialog
SetDlgItemTextA
GetSystemMetrics
MessageBoxA
DialogBoxParamA
OemToCharA
BringWindowToTop
EnumThreadWindows
DrawFocusRect
OffsetRect
DrawTextA
PeekMessageA
IsWindowVisible
SetRect
GetWindowDC
SystemParametersInfoA
EnableScrollBar
EnableWindow
CheckRadioButton
IsDlgButtonChecked
IsWindowEnabled
GetDlgItem
UpdateWindow
EndPaint
GetSysColor
BeginPaint
IsClipboardFormatAvailable
DefWindowProcA
ScrollWindow
SetScrollPos
GetScrollRange
GetScrollPos
FillRect
ReleaseCapture
SetCursor
ScreenToClient
SetCapture
IsIconic
SetClipboardData
EmptyClipboard
GetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
DestroyIcon
DrawIcon
CharUpperBuffA
CharLowerA
RegisterClipboardFormatA
SetRectEmpty
IsRectEmpty
SetFocus
GetMenu
SendMessageA
GetTopWindow
WinHelpA
LoadAcceleratorsA
GetSysColorBrush
GetDC
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassA
DestroyWindow
PostMessageA
TranslateAcceleratorA
TranslateMessage
CloseClipboard
OpenClipboard
GetClipboardData
SetWindowPos
InvalidateRect
GetKeyState
CreateWindowExA
LoadStringA
DispatchMessageA
GetMessageA
gdi32
CreateMetaFileA
SetWindowOrgEx
SetWindowExtEx
CloseMetaFile
CopyMetaFileA
SetBkMode
TextOutA
PatBlt
GetTextExtentPointA
SetTextColor
SetBkColor
GetStockObject
CreateFontIndirectA
DeleteObject
SelectObject
GetDeviceCaps
SetTextAlign
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueA
RegCloseKey
Sections
.text Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ