Static task: static1
Behavioral task: behavioral1
Sample: 49d21d524edf9f5d81c5683c7281237a751681e1c985b5eae6309847dc44bc02.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 49d21d524edf9f5d81c5683c7281237a751681e1c985b5eae6309847dc44bc02.exe
Resource: win10v2004-20220812-en
General
Target: 49d21d524edf9f5d81c5683c7281237a751681e1c985b5eae6309847dc44bc02
Size: 310KB
MD5: 386c745bd27a67902a9995a3405f33d0
SHA1: ff1375ec2f8db0daf06615c2837019502338cb7d
SHA256: 49d21d524edf9f5d81c5683c7281237a751681e1c985b5eae6309847dc44bc02
SHA512: 73ebe57fe03d8a94425d8eca70eb5e73f79e162eb5fd31d53c3ae8218fb3ea3c45dfe676e08d17d633beca2f10310511925b828ff3a01fdaf74e28d6d1edfcff
SSDEEP: 6144:rKQh6Y50QQqje4+pxvVU8DGgUiMjyL7rvDQGObgnuVISUx:O3znqadW8TZN7rvEGpSUx
Malware Config
Signatures
Files
49d21d524edf9f5d81c5683c7281237a751681e1c985b5eae6309847dc44bc02.exe windows x86
01e3119def6c9e503fd7bb0c255493f8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
GetExitCodeProcess
Sleep
Sleep
WriteFileEx
lstrcpyW
WaitForSingleObject
lstrcmpA
GetPrivateProfileIntA
FindResourceW
InterlockedIncrement
GetPrivateProfileSectionA
ExitProcess
GetPrivateProfileIntA
CreateDirectoryA
GetFileAttributesA
LoadLibraryA
InterlockedDecrement
GetDiskFreeSpaceW
GetDiskFreeSpaceW
GetLongPathNameA
VirtualAllocEx
SetEnvironmentVariableA
apphelp
AllowPermLayer
ApphelpCheckExe
ApphelpCheckIME
SdbCreateMsiTransformFile
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rss Size: 304KB - Virtual size: 308KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ