Static task: static1
Behavioral task: behavioral1
Sample: 9550418274df3892fd24be3c05e8ceb9ab759627b16139cfe5c82fa2f678bc7a.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9550418274df3892fd24be3c05e8ceb9ab759627b16139cfe5c82fa2f678bc7a.exe
Resource: win10v2004-20220812-en
General
Target: 9550418274df3892fd24be3c05e8ceb9ab759627b16139cfe5c82fa2f678bc7a
Size: 294KB
MD5: 77ff8f94406a316dd6de2a10b7bb36ec
SHA1: 07ea4740fcb67c0731a64647b0dbf7420c9a4e2e
SHA256: 9550418274df3892fd24be3c05e8ceb9ab759627b16139cfe5c82fa2f678bc7a
SHA512: 94e276115a5eb4bfb780c534d73f0b6ce716562083b0ae6a89266006b47b705ed67239d4a1e584b9dba417fbb867c86462c4cddd7bef25341b65513786ee5aef
SSDEEP: 6144:tpQCd1au9KZBXD7Bp3A4JwQzVKINYtYpeRrBaS8dt:tpQyau9KbfBpw3QzVKINI/r8S8d
Malware Config
Signatures
Files
-
9550418274df3892fd24be3c05e8ceb9ab759627b16139cfe5c82fa2f678bc7a.exe windows x86
e814f6caefb67615e11a1e3d0d9ba5b0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
PeekMessageW
TranslateMessage
FindWindowExW
GetClassNameW
GetWindowThreadProcessId
DispatchMessageW
MsgWaitForMultipleObjectsEx
GetWindowLongW
shell32
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHCreateDirectoryExW
ole32
CoUninitialize
CoInitializeEx
StringFromGUID2
CoCreateInstance
CoCreateGuid
OleRun
psapi
GetModuleFileNameExW
EnumProcessModules
shlwapi
PathRemoveFileSpecW
StrCmpW
StrStrIA
PathFileExistsW
SHDeleteEmptyKeyW
kernel32
SetThreadPriority
UnhandledExceptionFilter
ExpandEnvironmentStringsW
SizeofResource
OpenProcess
LockResource
WideCharToMultiByte
FormatMessageW
LoadLibraryExW
OpenFileMappingW
GetSystemTimeAsFileTime
HeapFree
GetTempFileNameW
ResumeThread
TerminateThread
IsDebuggerPresent
DeleteFileW
CloseHandle
WaitForMultipleObjects
ReleaseMutex
GetTempPathW
GlobalFree
SetLastError
LoadResource
WaitForSingleObject
CreateFileMappingW
CreateThread
RaiseException
GlobalAlloc
FindResourceW
GetCurrentThreadId
EnterCriticalSection
HeapDestroy
HeapReAlloc
lstrlenA
GlobalLock
GlobalUnlock
GetModuleHandleW
FindClose
FindNextFileW
CreateEventW
SetFilePointer
LeaveCriticalSection
FindFirstFileW
HeapAlloc
GetFileSize
MapViewOfFile
SetUnhandledExceptionFilter
CreateFileW
GetSystemInfo
GetProcessHeap
QueryPerformanceFrequency
UnmapViewOfFile
lstrcpyW
OpenMutexW
VirtualQuery
FreeLibrary
OpenEventW
FindResourceExW
CreateMutexW
OutputDebugStringW
DeleteCriticalSection
HeapSize
ResetEvent
WriteFile
lstrlenW
GetLocalTime
LocalAlloc
CreateDirectoryW
LocalFree
InitializeCriticalSectionAndSpinCount
CompareFileTime
VirtualAlloc
oleaut32
SysStringLen
VarUdateFromDate
SysFreeString
SysStringByteLen
VarCmp
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
advapi32
RegOpenKeyExW
FreeSid
SetNamedSecurityInfoW
RegOpenKeyW
RegQueryInfoKeyW
RegSetValueExW
InitializeSecurityDescriptor
RegEnumKeyW
GetSidSubAuthority
GetSidSubAuthorityCount
GetLengthSid
RegCloseKey
SetSecurityDescriptorSacl
CryptReleaseContext
InitializeAcl
GetNamedSecurityInfoW
GetAce
RegDeleteValueW
RegCreateKeyExW
SetEntriesInAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
LookupAccountNameW
ConvertSidToStringSidW
RegEnumKeyExW
RegEnumValueW
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetUserNameW
CryptAcquireContextW
GetSidIdentifierAuthority
CryptGenRandom
RegDeleteKeyW
RegQueryValueExW
GetAclInformation
AddAce
AllocateAndInitializeSid
AddAccessAllowedAce
mapi32
ord75
ord17
ord185
ord135
ord11
ord45
ord140
esent
JetOpenTable
JetFreeBuffer
JetOpenDatabase
JetGetObjectInfo
JetCreateIndex
JetBeginSession
JetGetTableIndexInfo
JetCloseDatabase
JetTerm
JetAttachDatabase
JetSetIndexRange
JetSetCurrentIndex
JetCommitTransaction
JetMove
JetSeek
JetGetInstanceInfo
JetSetSystemParameter
JetBeginTransaction
JetEndSession
JetCreateInstance
JetMakeKey
JetInit
JetGetTableColumnInfo
JetRetrieveColumn
JetDetachDatabase
JetCloseTable
comctl32
CreateStatusWindow
ImageList_GetImageCount
CreateUpDownControl
ImageList_EndDrag
ImageList_DragMove
ImageList_Destroy
CreateStatusWindowW
ImageList_GetImageRect
loadperf
RestorePerfRegistryFromFileW
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ