Static task: static1
Behavioral task: behavioral1
Sample: 82b35c5faec248b129fd0775db1ce5ef91f5db523f0a92c5897cca2e593035de.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 82b35c5faec248b129fd0775db1ce5ef91f5db523f0a92c5897cca2e593035de.dll
Resource: win10v2004-20220812-en
General
Target: 82b35c5faec248b129fd0775db1ce5ef91f5db523f0a92c5897cca2e593035de
Size: 158KB
MD5: ac90825535a46b32190962e00bc12c9d
SHA1: 3e57e4fe2227576cb40a95afd99465d8e2e979e5
SHA256: 82b35c5faec248b129fd0775db1ce5ef91f5db523f0a92c5897cca2e593035de
SHA512: c022cfc011aa10aaef5bce674d913d6e5eb2f1e5406503c071bb9212849fade7e54e5055a83510005f8a8af94f1f47aafb31eaef811305c3cf89e643bee0fa4f
SSDEEP: 3072:50lGD8zSNUrbfMcyA4tAd2u2PxIYFW+JEtm3s:5nYKUvPyPyUPTQm8
Malware Config
Signatures
Files
82b35c5faec248b129fd0775db1ce5ef91f5db523f0a92c5897cca2e593035de.dll windows x86
49b12e7edac287efebe2e315396b3e05
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Imports
shlwapi
SHDeleteEmptyKeyA
ord195
AssocCreate
SHDeleteKeyA
PathRemoveBackslashA
ole32
CoCreateInstance
CoInitialize
kernel32
GetVersionExW
GetVersionExA
WideCharToMultiByte
GetCommandLineW
GetModuleHandleA
GetEnvironmentVariableW
SetErrorMode
Sleep
ResetEvent
CreateEventA
GetWindowsDirectoryA
FormatMessageA
GlobalFree
WaitForMultipleObjects
CreateEventW
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
LocalAlloc
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
TryEnterCriticalSection
SwitchToThread
ResumeThread
CreateThread
TerminateThread
IsDBCSLeadByteEx
GetStringTypeW
HeapReAlloc
GetStringTypeA
GetCPInfo
user32
MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
MessageBoxW
winhttp
WinHttpCloseHandle
WinHttpConnect
advapi32
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
shell32
SHGetFolderPathW
Sections
.text Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ