Static task: static1
Behavioral task: behavioral1
  Sample: a9bb73fd3a27cfefef0ce563aeb194b997a82b1f63cc113ce454ea394be36e90.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: a9bb73fd3a27cfefef0ce563aeb194b997a82b1f63cc113ce454ea394be36e90.exe
  Resource: win10v2004-20220812-en
General
Target: a9bb73fd3a27cfefef0ce563aeb194b997a82b1f63cc113ce454ea394be36e90
Size: 126KB
MD5: 2f34179389c07f5f09efb2e2bf4a7943
SHA1: 4ab14537852fd937656fdd7dd6b456cc2ad76107
SHA256: a9bb73fd3a27cfefef0ce563aeb194b997a82b1f63cc113ce454ea394be36e90
SHA512: e8e8695dc8ca4b6ab1f6def36c050c7f46146a35aa11cd080430d5e973f5d82e3b9d3d735e3c966a9ec3c5812b7e1dbdfca00b2d619bd953baafedb4b94d6098
SSDEEP: 3072:d4EuDnROYTPItn5C8ZzwbNRTpM2u3Zv010c3qeLuietZ9hf:SB925YJRTpzupvC0WqwuiUZf
Malware Config
Signatures
Files
a9bb73fd3a27cfefef0ce563aeb194b997a82b1f63cc113ce454ea394be36e90.exe windows x86
5365b8df49525e9b6e2be382e1d1dc67
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
LocalLock
ReadConsoleA
GetProcAddress
GetCommTimeouts
OpenFileMappingA
MapViewOfFileEx
GetPriorityClass
IsBadHugeReadPtr
GetLongPathNameA
ReleaseMutex
GetFullPathNameA
FindResourceExA
PulseEvent
GetUserDefaultLangID
GetCPInfo
ResumeThread
GetVersion
FindClose
GetThreadSelectorEntry
GlobalFree
GetProcessVersion
GetExitCodeThread
GetMailslotInfo
FreeLibrary
GetCommConfig
WaitForSingleObject
WriteProfileSectionA
HeapDestroy
LocalShrink
OpenSemaphoreA
GetCommMask
SetFilePointer
GetPrivateProfileIntA
LocalUnlock
SignalObjectAndWait
IsBadReadPtr
GetProcessTimes
ResetEvent
MoveFileA
VirtualQueryEx
VirtualUnlock
GetCurrentThread
PurgeComm
GetProfileIntA
LocalAlloc
GlobalAddAtomA
FindAtomA
GetTickCount
LocalFlags
GetWindowsDirectoryA
GetExitCodeProcess
FreeResource
LocalHandle
GetCommModemStatus
GetVolumeInformationA
HeapCreate
GetPrivateProfileSectionNamesA
GlobalFlags
CopyFileExA
CreateDirectoryA
CreateFileMappingA
GetThreadContext
UnmapViewOfFile
GlobalSize
GetCurrentProcess
GetEnvironmentVariableA
VirtualAlloc
GetUserDefaultUILanguage
GetLargestConsoleWindowSize
Beep
CreateMutexA
DeleteFileA
GlobalFindAtomA
GetSystemDefaultUILanguage
WritePrivateProfileSectionA
GetShortPathNameA
WaitForSingleObjectEx
WriteProfileStringA
ClearCommError
GetThreadPriorityBoost
GetUserDefaultLCID
DeleteAtom
GetFileInformationByHandle
GetNamedPipeHandleStateA
GetHandleInformation
ContinueDebugEvent
GetCurrentProcessId
GetLocalTime
GetModuleFileNameA
GetPrivateProfileStructA
GetProcessAffinityMask
PeekNamedPipe
GetProfileSectionA
LocalFree
IsBadCodePtr
DefineDosDeviceA
GlobalAlloc
RemoveDirectoryA
GetThreadLocale
FreeConsole
GetDiskFreeSpaceExA
GetStdHandle
GetEnvironmentStrings
SetFileTime
WaitForMultipleObjects
WaitNamedPipeA
GetTempPathA
GlobalUnfix
GlobalUnlock
SetFileAttributesA
AreFileApisANSI
WaitForMultipleObjectsEx
DuplicateHandle
IsValidCodePage
LoadLibraryA
GetLastError
ConnectNamedPipe
FindFirstChangeNotificationA
GetOEMCP
LoadLibraryExA
QueryDosDeviceA
DisconnectNamedPipe
EraseTape
WriteProcessMemory
AddAtomA
GetModuleHandleA
GetFileTime
VirtualProtectEx
GetLogicalDriveStringsA
ReadProcessMemory
PeekConsoleInputA
InitAtomTable
HeapValidate
CreateFileA
Sleep
GetProcessHeap
AllocConsole
SetEvent
VirtualFree
BeginUpdateResourceA
CreateSemaphoreA
CreateRemoteThread
GetConsoleCursorInfo
FlushViewOfFile
GetCommandLineA
GetStartupInfoA
msvcrt
rand
time
__set_app_type
_controlfp
exit
strstr
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 110KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE