Static task: static1
Behavioral task: behavioral1
Sample: b2d67976f2a7c7d7407153d6732b21908d84febe103304f5f8613b1e91a31a12.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b2d67976f2a7c7d7407153d6732b21908d84febe103304f5f8613b1e91a31a12.exe
Resource: win10v2004-20220812-en
General
Target: b2d67976f2a7c7d7407153d6732b21908d84febe103304f5f8613b1e91a31a12
Size: 144KB
MD5: 3e71989ccd95484971fd0caebc31547a
SHA1: f057adacc6cd845f19dbd6d1e6bdc11748d0e3f0
SHA256: b2d67976f2a7c7d7407153d6732b21908d84febe103304f5f8613b1e91a31a12
SHA512: 0871c5bac87b9365da620061229158bb18ef60fc1cbc752e531dc8844da49f3caa70955f83542f57f2405a95a728a6328d06fe76a594f9e63a532ef459a6453e
SSDEEP: 3072:lAKO2rpc2WCkMypqeeKwGHVdFAXm7qG3W1kv:l75NBWBMypqJKwGHVsXsqG3/
Malware Config
Signatures
Files
b2d67976f2a7c7d7407153d6732b21908d84febe103304f5f8613b1e91a31a12.exe windows x86
609098f54fefb9f4460ea50b281c2977
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
RtlUnwind
GetStartupInfoA
GetFileType
GetModuleFileNameA
SetHandleCount
GetCommandLineA
SetEndOfFile
GetEnvironmentStrings
SetStdHandle
FlushFileBuffers
CreateFileA
LoadLibraryA
GetStdHandle
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
SetTapePosition
GetProcAddress
LoadLibraryW
GetCurrentThreadId
Sleep
WaitForSingleObject
SetEvent
GetVersion
FileTimeToLocalFileTime
CreateEventW
LoadResource
QueryPerformanceCounter
SizeofResource
GetDateFormatW
GetModuleHandleW
GetVersionExW
OpenProcess
GetSystemTime
GetVolumeInformationW
CreateFileW
GetCommandLineW
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CloseHandle
GetLastError
GetStartupInfoW
GetModuleHandleA
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
ReadFile
user32
WindowFromPoint
LoadIconW
ReleaseCapture
OffsetRect
EndDialog
CloseClipboard
GetMessageW
ReleaseDC
DefWindowProcW
CreateWindowExW
GetWindowLongW
CallNextHookEx
EnumWindows
GetClassInfoExW
LoadCursorW
gdi32
SetBkColor
SetTextColor
GetClipBox
GetCharWidthW
CreateBitmap
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
EnumPrintersW
advapi32
RegEnumKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
FreeSid
OpenProcessToken
StartServiceCtrlDispatcherW
InitializeSecurityDescriptor
RegSetValueExW
RegisterServiceCtrlHandlerW
SetEntriesInAclW
SetSecurityDescriptorDacl
SetServiceStatus
AdjustTokenPrivileges
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
GetTokenInformation
LookupPrivilegeValueW
ole32
CoInitialize
CoRegisterClassObject
OleInitialize
OleSetContainedObject
CoRegisterSurrogate
ws2_32
WSAConnect
WSACreateEvent
WSAGetOverlappedResult
WSASocketW
WSAWaitForMultipleEvents
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 555KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ