Static task
static1
Behavioral task
behavioral1
Sample
b2bf0db86cfd44f472a57dc3bb1e7966f4c8c1814984c62d72b18964855c166c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b2bf0db86cfd44f472a57dc3bb1e7966f4c8c1814984c62d72b18964855c166c.exe
Resource
win10v2004-20221111-en
General
-
Target
b2bf0db86cfd44f472a57dc3bb1e7966f4c8c1814984c62d72b18964855c166c
-
Size
831KB
-
MD5
74eaf4e19852f750ffc5812d836b418d
-
SHA1
36181666183112c1374829231bdb6e089165285e
-
SHA256
b2bf0db86cfd44f472a57dc3bb1e7966f4c8c1814984c62d72b18964855c166c
-
SHA512
64b6687c61d7b1b97339818588ef37857638d4d7c5304531db46d6d2403827e0e9234c6a22bde7e20dc2129d87d1e9c85b4066afea93b690018640fdd99856b6
-
SSDEEP
24576:o8IHa2DZCsx3JfHCrc9byjLpyujX+W9Sfso:o6Wh5fi/5yujXl9Fo
Malware Config
Signatures
Files
-
b2bf0db86cfd44f472a57dc3bb1e7966f4c8c1814984c62d72b18964855c166c.exe windows x86
89352735e2f5c8153e07f103764ec0f5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfcsubs
??4CString@@QAEABV0@ABV0@@Z
??1CObject@@UAE@XZ
?Collate@CString@@QBEHPBG@Z
??0CString@@QAE@GH@Z
??8@YG_NABVCString@@0@Z
??9@YG_NABVCString@@PBG@Z
??O@YG_NABVCString@@0@Z
?GetAt@CString@@QBEGH@Z
??BCString@@QBEPBGXZ
?FormatMessageW@CString@@QAAXPBGZZ
??9@YG_NPBGABVCString@@@Z
??0CCriticalSection@@QAE@XZ
??O@YG_NPBGABVCString@@@Z
??8@YG_NPBGABVCString@@@Z
kernel32
EnumTimeFormatsW
FatalAppExitW
LoadLibraryW
GetLocaleInfoW
LockResource
GetTickCount
CopyFileExW
lstrcpyW
GetCurrentThread
CreateMailslotW
GetConsoleInputExeNameW
GlobalMemoryStatus
SetConsoleTitleA
GetDriveTypeW
EndUpdateResourceA
GetModuleHandleW
GlobalAddAtomA
lstrlen
GetVolumePathNameW
SetEnvironmentVariableW
SetProcessWorkingSetSize
ReadFileEx
GlobalFix
rasman
RasFreeBuffer
RasRpcRemoteGetSystemDirectory
RasRpcGetInstalledProtocols
RasActivateRouteEx
RasPortGetProtocolCompression
IsRasmanProcess
RasRpcUnloadDll
RasEnumConnectionPorts
RasPortFree
RasRpcConnect
RasRpcGetVersion
ir41_qc
CompressFramesInfo
AllocInstanceData
FreeInstanceData
Compress
SetScalability
CompressEnd
DllMain
CompressBegin
opengl32
glPixelTransferf
glRasterPos3s
glCopyTexSubImage2D
wglSetPixelFormat
glTexCoord1s
glGetClipPlane
glTexCoord1iv
glDeleteTextures
glTexGenfv
glColor3uiv
glCallLists
glEnd
glPixelTransferi
glIndexdv
glGetTexEnviv
glTexCoord3f
glEdgeFlagPointer
glTexEnviv
loghours
ReplicationScheduleDialogEx
LogonScheduleDialog
DirSyncScheduleDialogEx
LogonScheduleDialogEx
DirSyncScheduleDialog
DialinHoursDialog
ConnectionScheduleDialogEx
DialinHoursDialogEx
ReplicationScheduleDialog
ConnectionScheduleDialog
advapi32
CryptReleaseContext
RegisterTraceGuidsA
LsaEnumerateTrustedDomainsEx
ConvertStringSDToSDRootDomainA
CredRenameW
SystemFunction031
LsaSetInformationPolicy
GetAuditedPermissionsFromAclW
CreateServiceA
Sections
.text Size: 379KB - Virtual size: 378KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 181KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ