Static task: static1
Behavioral task: behavioral1
Sample: ca6b62902a2cf83f3858239d33273b0e974d759271a29b258149bff9465d4fed.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: ca6b62902a2cf83f3858239d33273b0e974d759271a29b258149bff9465d4fed.exe
Resource: win10v2004-20221111-en
General
Target: ca6b62902a2cf83f3858239d33273b0e974d759271a29b258149bff9465d4fed
Size: 553KB
MD5: 5b2be75768b0e8f284f2695c29755ce1
SHA1: 73c29f7259971786855b7fc7486fd5e052ffbd6f
SHA256: ca6b62902a2cf83f3858239d33273b0e974d759271a29b258149bff9465d4fed
SHA512: 5c884c4d56f433abc018b7bf52bc76ab5ab804856fa366f2501cad2bffe466998ac4cf60c2fa4957a4b84bc3101431f533b9fbd4ac81635818bb0fa16a7934d6
SSDEEP: 12288:j/V5cToaPlqiIvrhAAvoVLuUB5RQKKYQq:rzePlq/DhAAvQBJKYQq
Malware Config
Signatures
Files
ca6b62902a2cf83f3858239d33273b0e974d759271a29b258149bff9465d4fed.exe windows x86
27651c8ab2cb24f34870f86687420910
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetVersionExA
GetUserDefaultLangID
LoadLibraryW
GetCurrentThreadId
EnterCriticalSection
GetThreadLocale
RaiseException
Sleep
LocalAlloc
GetFileAttributesW
GetDateFormatW
GetTimeFormatW
lstrcpynW
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
LocalFree
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
InterlockedExchange
DeleteCriticalSection
InterlockedDecrement
lstrcmpiW
InterlockedIncrement
lstrlenW
lstrcpyW
OutputDebugStringA
InitializeCriticalSection
SetThreadLocale
GetProcessHeap
HeapAlloc
GetLocaleInfoW
GetVersionExW
GetLastError
user32
GetWindowLongW
SetWindowLongW
wsprintfW
GetWindowTextW
GetActiveWindow
CharNextW
GetParent
GetDlgItem
UnregisterClassA
MapWindowPoints
SendMessageW
GetWindowRect
MessageBoxW
LoadStringW
SetDlgItemTextW
GetDlgItemTextW
SetWindowPos
gdi32
CreateDIBSection
GdiFlush
advapi32
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
shell32
DragQueryFileW
ole32
CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
ntdll
memset
isdigit
memcpy
msvcrt
free
malloc
comctl32
CreatePropertySheetPageW
DestroyPropertySheetPage
shlwapi
PathRenameExtensionW
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 436KB - Virtual size: 756KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ