Static task
static1
Behavioral task
behavioral1
Sample
874810b9776ee06b95941a6f6c11e405a425889ccb8e209bff05f4f963e3702f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
874810b9776ee06b95941a6f6c11e405a425889ccb8e209bff05f4f963e3702f.exe
Resource
win10v2004-20221111-en
General
-
Target
874810b9776ee06b95941a6f6c11e405a425889ccb8e209bff05f4f963e3702f
-
Size
742KB
-
MD5
c31a315595eb1347c8214cb2da13570f
-
SHA1
6dfc77da8714a9d5c389bc0831338a291e02e8cc
-
SHA256
874810b9776ee06b95941a6f6c11e405a425889ccb8e209bff05f4f963e3702f
-
SHA512
83b4ddac83906828fa558bb6c05ab9cb0000ba4ceb8705050115612316a47da439cb0c66a61bb931f2598a943ef4121c894d3b84c0fea8959c2a414c96728339
-
SSDEEP
12288:raFnV+EsYUW8y6keo464GxkQi4RlfvKpEnyOrGCaDCvzABRkPZGV2L7H1v:rafiY1aF64GHRJCpEnyOrGCiCL4ksVmZ
Malware Config
Signatures
Files
-
874810b9776ee06b95941a6f6c11e405a425889ccb8e209bff05f4f963e3702f.exe windows x86
ca3881b812ae0595bd9e63837f2b6630
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
FindClose
CloseHandle
HeapDestroy
DeleteFileA
HeapSize
GetFileSize
FindClose
CreateMutexW
GetTickCount
SetFileAttributesA
ResumeThread
HeapCreate
ResetEvent
SetEndOfFile
GetModuleHandleA
GetEnvironmentVariableA
AddAtomW
GetStartupInfoW
GetTickCount
WaitForSingleObject
ReleaseMutex
ExitProcess
CreateFileA
GetCurrentDirectoryA
wininet
FtpGetFileA
DeleteUrlCacheEntryA
FtpCreateDirectoryA
DeleteUrlCacheEntryA
FtpFindFirstFileA
FtpPutFileA
FtpOpenFileA
HttpQueryInfoA
FtpGetCurrentDirectoryA
FtpDeleteFileA
HttpEndRequestA
FindCloseUrlCache
DeleteUrlCacheEntryA
qmgrprxy
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 736KB - Virtual size: 735KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ