Static task: static1
Behavioral task: behavioral1
  Sample: aaa616659f1dd6a02efe0eadc1a93307800962dcef48499406eeb75fb0be3a72.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: aaa616659f1dd6a02efe0eadc1a93307800962dcef48499406eeb75fb0be3a72.exe
  Resource: win10v2004-20220812-en
General
Target: aaa616659f1dd6a02efe0eadc1a93307800962dcef48499406eeb75fb0be3a72
Size: 276KB
MD5: 60b1758934baaa2c81c93e5e04eef2d3
SHA1: 5da411686273470555ae3b9a1e8ceaecbe1f9c63
SHA256: aaa616659f1dd6a02efe0eadc1a93307800962dcef48499406eeb75fb0be3a72
SHA512: 076fe18d149d6252dd97fe11b705ca2ef72b771e8f0871c09ced4e2faafc323adce21a71b8397330e6fbc90cd7e83c2776e20b1e9134d8f5d85e12feca1e9ebf
SSDEEP: 3072:BHX4hEklcFz3zeFRB5ErsSAJJYoXfKYwWu/YTVZqM+VezxkYjrBqatmD2w4mNorW:gEklcoFRBKsRYyxwNYRzeRYy2ZiorFDE
Files
aaa616659f1dd6a02efe0eadc1a93307800962dcef48499406eeb75fb0be3a72.exe windows x86
f44caf8e06d7e8a49b8e7f3ce65a7c96
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAGetLastError
ioctlsocket
WSAStartup
WSACleanup
recv
setsockopt
connect
htons
socket
inet_addr
gethostbyname
send
closesocket
kernel32
Sleep
CreateThread
DeleteFileA
CloseHandle
WaitForSingleObject
TerminateThread
IsDebuggerPresent
GetLastError
CreateMutexA
SetConsoleCtrlHandler
WinExec
GetModuleFileNameA
GetExitCodeProcess
WriteFile
ReadFile
PeekNamedPipe
CreateProcessA
GetStartupInfoA
CreatePipe
TerminateProcess
OpenProcess
GetCurrentProcess
CopyFileExA
CreateFileA
MoveFileExA
GetProcAddress
LoadLibraryA
lstrcatA
lstrcpyA
GetComputerNameA
LocalFree
FormatMessageA
GetStringTypeA
ExpandEnvironmentStringsA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetThreadLocale
MultiByteToWideChar
Process32Next
Process32First
CreateToolhelp32Snapshot
SetEndOfFile
SetFilePointer
GetFileSize
FindClose
FindNextFileA
FindFirstFileA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetModuleHandleA
HeapSize
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileW
GetProcessHeap
CompareStringA
CompareStringW
GetVersionExA
InitializeCriticalSectionAndSpinCount
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
GetModuleHandleW
ExitProcess
HeapAlloc
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
user32
GetAsyncKeyState
GetKeyState
PostMessageA
FindWindowA
OpenClipboard
EmptyClipboard
CloseClipboard
EnumChildWindows
SendMessageA
GetForegroundWindow
GetWindowTextA
MessageBoxA
advapi32
LogonUserA
RegQueryValueExA
LookupAccountNameA
IsValidSid
GetUserNameA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
CreateProcessAsUserA
RevertToSelf
shell32
SHGetFolderPathA
SHChangeNotify
ShellExecuteExA
ole32
CoCreateInstance
CoInitializeEx
CoUninitialize
Sections
.text Size: 222KB - Virtual size: 222KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ