Static task: static1
Behavioral task: behavioral1
Sample: 30283f52200f57f784f1db26920907b889f764fd1a4b6e485398eb2d7f6a9453.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 30283f52200f57f784f1db26920907b889f764fd1a4b6e485398eb2d7f6a9453.exe
Resource: win10v2004-20220812-en
General
Target: 30283f52200f57f784f1db26920907b889f764fd1a4b6e485398eb2d7f6a9453
Size: 2.6MB
MD5: 6be4ea605bb608a0d3f4abcfeaa7d72d
SHA1: 659c956350fe423c890f8bce58bec23ba4d9643f
SHA256: 30283f52200f57f784f1db26920907b889f764fd1a4b6e485398eb2d7f6a9453
SHA512: b594ad6407b19c14a2338ded12d5487d2ce6156754119019ee4954e2fd233287710506fb7a69b82145796344647d2af1d33d52ce5369dbcb7407abaf0c8f87f1
SSDEEP: 49152:7SOSQMzhhE7Wc/XskE22np80EDoJO/A8o1do3mY1iZyorgZpUdPJQsCNo8SS5:7SOSqX/Xsksp80EUJ0A8o7Y1iZJrwOPG
Malware Config
Signatures
Files
30283f52200f57f784f1db26920907b889f764fd1a4b6e485398eb2d7f6a9453.exe windows x86
f80608e5552cd904f75a19a7f98b703a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
Sleep
GetNativeSystemInfo
GetComputerNameW
GetModuleFileNameA
SystemTimeToFileTime
GetSystemTime
LoadLibraryA
VirtualAlloc
GetProcAddress
GetTickCount
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
RaiseException
VirtualFree
CloseHandle
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
lstrlenA
GetModuleHandleA
InterlockedExchangeAdd
HeapFree
GetProcessHeap
HeapAlloc
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
GetStartupInfoW
GetCurrentThreadId
VirtualProtect
GetSystemInfo
VirtualQuery
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStringTypeW
user32
CharNextW
SetWindowLongW
GetWindowLongW
CallWindowProcW
DefWindowProcW
ole32
CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
oleaut32
VarUI4FromStr
advapi32
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegisterServiceCtrlHandlerExW
Sections
.text Size: 217KB - Virtual size: 217KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ