Static task
static1
Behavioral task
behavioral1
Sample
5405ae280a58ad25afd3016a17377de650a409d8c4132875f29ee933e5e92801.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5405ae280a58ad25afd3016a17377de650a409d8c4132875f29ee933e5e92801.exe
Resource
win10v2004-20220812-en
General
Target: 5405ae280a58ad25afd3016a17377de650a409d8c4132875f29ee933e5e92801
Size: 131KB
MD5: 2b6eca66f65cb3abee97adcf07a7ec4c
SHA1: d6632c6c2a004dbf564640b6e5e6677a3b449ac6
SHA256: 5405ae280a58ad25afd3016a17377de650a409d8c4132875f29ee933e5e92801
SHA512: b651dea35af4fe8a6fb0f50d9d84981730c2927074e02b364be2f8695dcf9fbd930cbc1cc9a4f7ce7bb40823c791c1a9efa83d7ff91d8b674b5f31e7931d61d5
SSDEEP: 3072:qoACFKJr4RMv9aD6HqP9Eotq0GddMHTYeyhV71Zx0r5lioFx:7AVl4RMv7KP9EoxGcTYNh91DQJx
Malware Config
Signatures
Files
5405ae280a58ad25afd3016a17377de650a409d8c4132875f29ee933e5e92801.exe windows x86
2b168030004297df8c92c04a65069864
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetNumberFormatA
GetCurrentThreadId
HeapCreate
ReadFile
LocalFlags
CreateEventW
GetPrivateProfileStringA
LocalFree
lstrlenW
GetDriveTypeW
InitializeCriticalSection
GetEnvironmentVariableW
TlsGetValue
FindClose
LoadLibraryW
GetConsoleAliasA
GetCurrentProcessId
FindAtomA
ResumeThread
SuspendThread
user32
CreateWindowExA
GetClientRect
GetKeyboardType
IsWindow
GetSysColor
DrawStateW
EndDialog
GetClassInfoA
CallWindowProcW
GetSysColor
SetFocus
DispatchMessageA
DrawTextA
srclient
EnableSR
EnableSR
EnableSR
EnableSR
EnableSR
clbcatq
DllGetClassObject
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 484KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 364KB - Virtual size: 364KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ