Static task: static1
Behavioral task: behavioral1
Sample: 02906dbf3c1adb40fd2391fff385f48be6d529b3efd7baac17200d95ec55a9ad.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 02906dbf3c1adb40fd2391fff385f48be6d529b3efd7baac17200d95ec55a9ad.exe
Resource: win10v2004-20221111-en
General
Target: 02906dbf3c1adb40fd2391fff385f48be6d529b3efd7baac17200d95ec55a9ad
Size: 118KB
MD5: 99c5c3f27a0439495471d16e775d8814
SHA1: 104a11001d6177b99ad6ab49b97f970460505564
SHA256: 02906dbf3c1adb40fd2391fff385f48be6d529b3efd7baac17200d95ec55a9ad
SHA512: 12ae70c5ef819c31742bedf891a4cf0a877ff672d79845819e2b894131952d712d666319cd354ec18c582138eee46816fa169721ad1161767324a4de6139b4c1
SSDEEP: 3072:MaRi1l6CoRuIGWXYQ0q1nNvzxAXhRRnpOBIIN6omO:DRiwuIGg9NvuXhwBIw6om
Malware Config
Signatures
Files
02906dbf3c1adb40fd2391fff385f48be6d529b3efd7baac17200d95ec55a9ad.exe windows x86
22bc267c1a9fcbd76b4148d17c8e58b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFilePointer
lstrcmpiA
lstrcmpA
GetLongPathNameW
Sleep
GetPrivateProfileIntW
GetFileAttributesA
InterlockedIncrement
LoadLibraryExW
GetExitCodeProcess
GetModuleHandleA
InterlockedExchange
GetPrivateProfileSectionA
GetPrivateProfileIntW
SetEnvironmentVariableW
FindResourceW
CreateDirectoryA
WaitForMultipleObjects
Sleep
HeapCreate
GetDiskFreeSpaceA
GetDiskFreeSpaceA
Sleep
catsrv
CreateComponentLibraryTS
GetCatalogCRMClerk
OpenComponentLibraryTS
DllCanUnloadNow
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 20KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE